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IT  salaries  headed  south 

Pay  for  noncertified  IT  skills,  which  has  been  consistently  on  the 
rise  since  mid-2004,  began  to  decline  in  the  last  quarter  of  2008, 
research  shows.  Pay  for  certified  skills  is  also  falling.  Page  14. 


Mobile  feds  want  BlackBerries 

President  Barack  Obama  isn’t  the  only 
U.S.  federal  government  employee  who 
wants  to  keep  his  BlackBerry.  Page  16. 


weather 

recession? 

While  Verizon  and 
AT&T  have  posted 
solid  earnings  over 
the  past  year,  they 


Cisco,  HP  fight  for  data  center 

HP  ramps  up  ProCurve  switch  line,  while  Cisco  readies  ‘California’ 


are  unlikely  to 
emerge  from  the 
current  recession 
unscathed.  Page  8. 


Disk-drive  encryp¬ 
tion  gets  boost 

Opal  standards  effort 
addresses  debate 
over  application-  vs. 
hardware-based 
encryption.  Page  10. 


South  Carolina's 
spectrum  challenge 

State  plans  to  repro¬ 
gram  huge  spectrum 
asset.  Page  14. 


Questioning 
Obama's  broad¬ 
band  stimulus  plan 

Columnist  Scott 
Bradner 
asks 
whether 
the  plan 
throws 
money 
at  the  wrong  target. 
Page  19. 


BY  JIM  DUFFY 

Cisco  and  HP  last  week  armed  them¬ 
selves  for  an  impending  data  center 
battle  in  which  each  company  will  in¬ 
vade  the  other’s  turf. 

HP’s  ProCurve  networking  division 
unveiled  its  first  switches  optimized  for 
data  center  duty  The  company  also 
rolled  out  a  server  module  for  existing 
switches  that  lets  users  begin  integrat¬ 
ing  and  consolidating  switching  and 
application  processing. 

Cisco,  meanwhile,  laid  the  ground¬ 
work  for  an  imminent  blade-server 
launch  with  additions  to  the  Nexus 
switching  line  and  enhancements  to  its 
Catalyst  products,  including  software 


HP  ProCurve’s  6600  switch  line 
is  the  company’s  first  that  is 
optimized  for  the  data  center. 


designed  to  enable  the  switches  to 
control  the  energy  consumption  of 
attached  devices.  Cisco  is  expected  to 
launch  its  “California”  blade  server  mid¬ 
year,  and  the  switching  upgrades  are 
designed  to  help  support  that  effort. 


HP’s  ProCurve  launch  also  is  in 
anticipation  of  the  Cisco  blade  server, 
which  will  encroach  on  HP’s  longtime 
data  center  territory.  So  HP’s  new 
switches  are  viewed  as  a  preemptive 
strike  into  the  heart  of  Cisco’s  data 
center  stronghold. 

“This  is  clearly  a  demonstration  of  HP 
really  taking  ProCurve  in  the  enterprise 
and  leveraging  other  HP  strengths,” says 
Jon  Oltsik,  an  analyst  at  Enterprise 
Strategy  Group.  “HP’s  certainly  in  the 
data  center  business,  and  for  the  first 
time  ever  they’re  talking  about  han¬ 
dling  all  communications,  too.  HP  is 
looking  at  where  it  can  succeed  in  the 
See  Data  center,  page  12 


Think  your  end  users  are  keeping  corporate 
data  secure  when  they  connect  from  Wi-Fi 
hot  spots?  Be  afraid.  Be  very  afraid.  Page  24. 

Slideshow:  Top  10  laptop  safety  tips  How 
to  protect  yourself  when  using  public  Wi-Fi. 
www.nwdocfinder.com/8529 
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Mediterranean  Shipping  Company  has 
discovered  a  new  form  of  energy. 

Mediterranean  Shipping  Company  (MSC)  is  the  second-largest 
container  ship  line  in  the  world,  with  a  database  that  tracks  more 
than  210  billion  transactions  a  year.  The  company  recently  upgraded 
its  database  to  Microsoft'  SQL  Server  2008,  not  only  to  handle  this 
massive  load,  but  also  to  simplify  MSC's  database  administration 
and  help  ensure  high  availability.  Which  is  like  a  new  form  of  energy 
for  MSC.  See  the  whole  story  at  SQLServerEnergy.com 
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snap  a  picture  of  this 
tag.  (Requires  a  free 
mobile  app  from 
http://gettag.mobi) 


To  get  the  full  MSC 
story  on  your  phone, 
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■  Altec  Lansing's 
Octiv  Air  lets  users 
separate  the  location  of 
their  iPod  from  the  speaker  portion. 
See  Cool  Tools,  page  22. 


Interviews  with  Wi-Fi 
users  at  airports  and 
coffee  shops  reveal 
serious  security  lapses. 

g  Page  24- 


GOODBADUGLY 


A  more  flexible  Gmail 

Google  has  made  available  in  beta  an 
offline  capability  for  its  Gmail  platform 
that  allows  business  and  consumer 
users  to  work  with  e-mail  and  eventu¬ 
ally  calendar  items  while  disconnected 
from  the  network.  The  company  said 
that  its  Gmail  Labs  is  developing  and 
testing  offline  capabilities  that  allow 
users  to  read,  compose  and  archive 
messages  while  offline.  New  messages 
are  sent  when  the  user  reattaches  to 
the  network. 


White  House  e-mail  crashes 

The  tech-savvy  Obama  White  House 
last  week  suffered  the  inconvenience 
and  embarrassment  of  an  e-mail  crash 
that  lasted  several  hours.  The  outage 
was  announced  during  a  regular  briefing 
at  which  Press  Secretary  Robert  Gibbs 
apologized  to  reporters  for  the  adminis¬ 
tration’s  failure  to 
answer  e-mails.  • 

• 

Heartbreaking 
valentine 
MX  Logic,  Trerid 
Micro  and  Pane  a 
Security  are  among 
the  security  ven¬ 
dors  warning  about 
new,  Valentine’s  Day-themed  spam 
schemes  that  attempt  to  trick  users  into 
installing  the  Waledec  bot.  It  looks  like 
the  spammers  behind  last  year's  Storm 
bot  up  are  up  to  their  old  tricks,  the 
security  companies  say. 


P  »LL 

A  snapshot  of  how  networkworld.com 
visitors  voted  on  a  key  networking  issue 
last  week: 

Is  Windows  7  what  you’ve  really 
always  wanted  in  Vista? 

Maybe,  let’s  see  how 
Nope,  more  of  the  it  works  with  drivers / 
same  old,  same  old  hardware  after  it 
from  Microsoft.  27%  ships.  42% 


Yes,  thanks  to 
Windows  7  I’ll  stick 
with  Windows.  31%- 

Total  voters  for  this  poll:  121 

Vote  and  discuss:  www.nwdocfinder.com/8451 
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PEERSAY 


Cisco’s  new  energy  manage¬ 
ment  offering 

Although  [Energy  Wise  is]  it’s  a  noble  and 
environmentally  and  politically  correct  initia¬ 
tive  from  Cisco,  I  think  its  chances  of  gaining 
support  throughout  the  facilities-infrastructure 
industry  are  next  to  nil.  To  think  that  Cisco 
could  drive  the  standards  by  which  the  con¬ 
trol  of  all  manufacturers’  facilities-infrastruc¬ 
ture  equipment  would  conform  is  not  realis¬ 
tic.  I  think  Cisco  is  flattering  itself  to  think  that 
just  because  the  network  is  pervasive  that 
everyone  will  want  ‘The  Network”  to  control 
everything,  (www.nwdocfinder.com/8522) 
John  Parsons 
Parsons  Telecom 
Consulting 

On  Building  Man¬ 
agement  System  inter¬ 
face  and  control: 

Cisco  didn’t  invent 
this  phenomenon  of 
IP  networks  being 
used  to  monitor  and 
in  some  cases  man¬ 
age  real  estate.  It’s 
being  done  at  massive  scale  all  over  China  and 
the  Middle  East  right  now, particularly  in  Dubai. 
It’s  easy  to  forget  that  the  facilities  professionals 
entering  the  workforce  today  grew  up  with 
Ethernet  and  laptops.  It’s  the  network  they 
already  know. 

On  product  efficiency:  Cisco  makes  efficient 
products  today  (see  the  product-efficiency  cal¬ 
culator  run-through  at  www.nwdocfinder.com 
/8523),  as  do  most  large  IT  vendors. The  gains 
you  get  at  the  product  level  pale  in  comparison 
to  active  management  and  well-planned  infra¬ 
structure  architectures. 

You  can  reference  my  blog  post  ‘The  Green  IT 
Lion  Just  Got  Teeth’  at  www.nwdocfinder 
.com/8524. 

Rob  Aldrich 
Senior  manager  and  principal 
Cisco  Efficiency  Assurance  Program 

Discuss  at  www.nwdocfinder.com/8525 

Cat’s  meow  on  Windows  7: 
VHD 

Re:  Windows  7:  the  untold  story  of  how  the 
enterprise  gets  snubbed  (www.nwdocfinder. 
com/8526):  Great  article,  but  I  think  you 
missed  the  point  on  Native  Virtual  Hard  Drive. 
OK,  the  article  does  say  you  didn’t  understand. 
Native  VHD  support  in  my  opinion  is  a  huge 
boost  for  Windows  7/2008  R2.  It’s  reducing  the 
number  of  Windows  images  that  have  to  be 
managed.  The  same  Win7/2008  R2  image  can 
be  used  on  a  physical  device,  as  well  as  [in]  a 
[virtual  desktop  infrastructure] /hosted  envi¬ 
ronment.  No  need  for  the  admin  to  create  and 
maintain  two  separate  images. Second,  it  allow 
third-party  tools  (such  as  Citrix  Provisioning 
Server)  to  simply  add  the  disk,  and  stream  or 
[Preboot  Execution  Environment]  PXE  boot 
the  client.  Make  one  update  and  all  of  your 


clients  will  have  those  updated  upon  reboot. 
Without  getting  too  wordy,  there  also  are  ele¬ 
ments  of  deployment  and  security  that  can  be 
applied  by  using  VHD  images  that  you  can’t 
get  running  on  a  raw  disk. 

Joe  Shonk 

Discuss  at  www.nwdocfinder.com/8526 

Updates  are  good 

Re:  Place  your  bets  against  malware 
(www.nwdocfinder.com/8527): 

I  had  a  major  problem  last  week:  IE  7  started 
behaving  weirdly  I  went  to  get  on  eBay,  and  got 
a  notification  that  my  browser  wasn’t  accept¬ 
ing  cookies.  Then  I  went  to  a  Web  site  recom¬ 
mended  by 

Windows  Secrets  to 
run  a  check  for  bots, 
and  got  a  message 
offering  to  install  a 
Java  runtime,  since  I 
didn’t  have  one  —  in 
spite  of  the  fact  that  I 
had  a  Java  icon  in 
my  tray  Then,  when  I 
tried  to  access 
Internet  Options 
from  the  Tools  menu, 
I  got  a  message  saying  access  was  denied, 
even  when  logged  in  as  Administrator.  Worse 
yet,  when  I  tried  to  get  properties  from  the  IE 
desktop  icon  with  a  right-click,  I  got  an  error 
about  a  missing  entry  point  in  a  [dynamic-link 
library] .  I  was  convinced  I  had  something  that 
was  going  to  require  a  full  wipe  and  rebuild. 

In  desperation,  I  went  to  Microsoft  Update 
and  pulled  down  all  the  latest  stuff,  in  spite  of 
the  fact  that  my  last  visit  there  had  only  been 
a  few  weeks  earlier.  Son  of  a  gun,  when  I 
rebooted,  everything  worked  perfectly! 

So  I  guess  the  moral  of  the  story  is,  don’t  get 
behind  on  those  updates! 

Rich  Gierman 

Discuss  at  www.nwdocfinder.com/8528 

Why  upgrade? 

Re:  Windows  7  will  not  sway  XP  users 
(www.nwdocfinder.com/8533):  For  business 
users  Windows  7  may  have  the  potential  to 
stop  the  downgrades  that  are  occurring  on  so 
many  of  the  new  machines  purchased  for  cor¬ 
porate  use.  Upgrades,  I  don’t  think  so,  not  until 
support  stops  or  the  old  machine  is  retired.  I’m 
still  providing  support  for  companies  that  are 
running  Windows  2000,  which  meets  their 
basic  needs.  The  software  vendor  community 
that  serves  small  to  medium  business  have  not 
universally  provided  compatibility  with  Vista. 
Adoption  of  Windows  7  will  be  hindered  in 
the  SMB  market  place  just  as  Vista  is  today 
with  ut  the  software  vendors  support. 

Rex  Humston 

Discuss  at  www.nwdocfinder.com/8533 

E-mail  letters  to  jdix@nww.com  or  send  them 
to  John  Dix,  editor  in  chief,  Network  World,  492 
Old  Connecticut  Path,  Framingham,  MA  01 701- 
9002.  Please  include  phone  number  and  address 
for  verification 


M Cisco  makes  efficient  prod¬ 
ucts  today,  as  do  most  large  IT 
vendors.  The  gains  you  get  at 
the  product  level  pale  in  com¬ 
parison  to  active  management 
and  well-planned  infrastruc¬ 
ture  architectures.55 
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98,930  Affected  In 
Forever  21  Data  Breach 


THINK  THE  NEXT  GENERATION  OF  MALWARE 
doesn’t  have  a  headline  waiting  for  you? 


Data-stealing  malware  is  smarter,  faster  and  more  advanced  than  ever.  It's  infiltrating  the  most  secure  enterprises 
and  yours  could  be  next.  But  with  Trend  Micro™  Enterprise  Security,  powered  by  the  Trend  Micro  Smart  Protection 
Network,  you’ll  be  ready.  This  unigue  combination  of  solutions  and  services  is  the  next-generation,  cloud-client 
security  infrastructure  that  blocks  the  most  sophisticated  threats-before  they  reach  your  network.  Download 
our  eBook  and  learn  how  easily  Web  threats  like  data-stealing  malware  can  evade  your  current  security  solution 
and  what  you  can  do  about  it. 


►  Download  our  Outthink  the  Threat  eBook  and  register  for  a  free, 
onsite  risk  assessment  now  at  trendmicro.com/thinkagain. 
Or  contact  us  for  more  information  at  877-21-TREND  EXT.  53 
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■  Taser-wielding  boss?  Can’t  get  to 
me  here.  Ann  Bednarz  writes  in  her  Work 
Anywhere  blog,  “  One  advantage  of  work¬ 
ing  from  home  is  not  being  physically  pre¬ 
sent  when  bosses  behave  badly.  Like  the 
boss  who  used  a  taser  gun  on  a  subordi¬ 
nate;  he  didn’t  have  a  shot  at  hitting  a  tele¬ 
worker  that  day.  Off-site  employees  were 
also  spared  when  a  boss  played  show-and- 
tell  with  his  kidney  stone  and  another  held 
a  meeting  from  inside  a  locked  bathroom. 
These  bad-boss  anecdotes  surfaced  in 
CareerBuilder.com's  most  recent  survey. 
Some  other  doozies?  The  boss  who  kept 
his  lunch  in  a  freezer  intended  for  human 
organ  storage,  or  the  one  who  brought  a 
gun  to  work  and  cleaned  it  in  an  area 
behind  employees.” 
www.nwdocfinder.  com/8534 

■  This  market  needs  an  intervention  — 
and  a  12-step  plan.  Denise  Dubie  hosted 
guest  blogger  Richard  Muirhead,  CEO  of 
Tideway,  in  her  Management  Maven  blog. 
Muirhead  is  reporting  from  the  World  Eco¬ 
nomic  Forum  in  Davos  this  week.  “We  were 
told  we  are  headed  for  2.5%  growth  average 
over  the  next  three  years  thanks  to  a  global 
recession  this  year  and  anemic  growth  next. 
Other  more  dire  predictions  from  Davos? 
We  may  be  in  ‘Proto-Depression’  and/or 
could  ‘drift  along  like  this  for  10  years.  .  .  . 
The  theme  of  Wednesday  afternoon  at 
Davos  seemed  to  be  summed  up  as  this: 
‘Crisis  is  a  productive  state  once  you  have 
overcome  the  aftertaste  of  disaster.'  The 
day’s  ray  of  optimism  came  from  China’s 
Premier,  Wen  Jiabao.  While  China  attained 
only  6.8%  annualized  growth  in  Q4,  the  tar¬ 
get  set  for  2009  is  8%,  something  ‘necessary 
and  attainable  through  hard  work,’  according 
to  the  premier.” 

www.nwdocfinder.com/8535 

■  Windows  7  IPv6  support.  Scott  Hogg 
writes  in  his  Core  Networking  and  Security 
blog:  “The  more  some  things  change  the 
more  they  stay  the  same.  That  is  certainly 
true  for  the  IPv6  support  in  Windows  7.  Even 
though  Windows  7  is  the  latest  Microsoft 
desktop  operating  system,  its  IPv6  support 
is  very  similar  to  the  features  inside  Vista 
and  Server  2008. ...  One  of  the  controversial 
IPv6  features  in  Windows  Vista,  Windows 
Server  2008  and  Windows  7  is  that  it  uses 
random  interface  identifiers  when  creating 
its  IPv6  addresses.  .  .  .  Windows  7  doesn't 
use  the  EU 1-64  technique  by  default  when 
forming  its  interface  identifier.  Microsoft 
has  blurred  the  lines  between  these  two 
address  autoconfiguration  concepts." 
www.nwdocfinder.com/8536 


HP  alliance  opti¬ 
mizes  ProCurve 
switches 

ProCurve  One,  is  aimed 
to  bring  software  for 
security,  application 
acceleration  and  other 
functions  right  into  the 
network. 

www.nwdocfinder.com/8538 


Bill  Gates  boosts 
fight  against  polio 

The  fight  to  eradicate 
polio  has  been  given  a 
significant  monetary 
boost  through  new 
funds  pledged  by  Bill 
Gates'  charitable  foun¬ 
dation. 

www.nwdocfinder.com/8539 


Portable  gadget 
helps  visually 
impaired 


MIT  researchers  have 
designed  a  portable 
device  that  allows  peo¬ 
ple  with  visual  impair¬ 
ments  to  access  the 
internet,  view  pho¬ 
tographs  or  see  the 
face  of  a  friend. 


www.nwdocfinder.com/8540 
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Are  your  old  computers  poison¬ 
ing  people  in  the  third  world? 


Tech  exec:  Most  companies  are  adopting 
green  IT  initiatives  these  days.  This  includes 
reducing  the  power  consumption  of  the  data 
center;  enabling  workers  to  telecommute  and 
hold  virtual  meetings  in  order  to  reduce  their 
transportation  and  travel  needs  and  thus  their 
carbon  footprint;  and  recycling  used  electron¬ 
ic  equipment  that  the  company  no  longer 
needs.  All  of  these  activities  are  admirable 
efforts  intended  to  lessen  the  impact  of  busi¬ 
ness  computing  on  our  environment.  But 
when  it  comes  to  recycling  old  computers, 
green  practices  may  not  always  be  what  they 
seem  to  be  on  the  surface.  It’s  possible  that 
your  recycling  service  provider  might  simply 
be  shifting  the  environmental  hazard  from 
one  country  to  another,  and  this  could  come 
back  to  haunt  your  company  some  day  A 
recent  news  story  on  the  television  show 
“20/20”  reveals  what  the  video  producers  call 
“the  electronic  wasteland.”  The  show  fol¬ 
lowed  the  disturbing  path  that  some  of  our 
electronic  waste  (e-waste)  —  including  cell 
phones,  televisions, VCRs  and  DVD  players, 
and  of  course,  computers  and  peripherals  — 
takes  after  it  goes  to  the  recycling  center. 
www.nwdocfinder.com/8530 


Network  management:  The  benefits  of  vir¬ 
tualization  won’t  come  easy  according  to 
research  that  shows  IT  organizations  investing 
time  and  effort  into  adopting  best  practices 
around  managing  virtual  systems  are  more 
likely  to  lower  administration  costs,  speed 
problem  resolution  and  improve  uptime 
across  the  environment.  Enterprise 
Management  Associates  (EMA)  recently 
released  the  results  of  an  extensive  study  of 
153  organizations  with  active  virtualization 
deployments,  and  the  findings  show  that 
rolling  out  a  virtual  server  won’t  deliver  many 
advantages  without  solid  and  standard 
processes  in  place.  Andi  Mann,  research 
director  at  EMA,  headed  up  the  study  and 
says  mature  organizations  investing  in  best 
practices  will  see  better  results  than  those 
looking  for  a  quick  fix.“Mature  IT  organiza¬ 
tions,  those  with  chargeback  and  capacity 
planning  processes  in  place,  are  20%  more 
likely  to  be  among  the  best  performers  in 
retiring  servers,  14%  more  likely  to  reduce 
power  consumption  and  14%  more  likely  to 
have  a  better  administrator  to  virtual  machine 
ratio,”  Mann  says. 
www.nwdocfinder.com/8532 
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Cisco  packages  target 
small  businesses 

Cisco  last  week  unveiled  security  storage  and 

unified  communications  products  geared  to  j.  '■ 
small  companies  as  part  of  its  recently 
announced  $100  million  commitment  to  that  busi¬ 
ness  market.The  products  include  the  Cisco  Spam  & 

Virus  Blocker  appliance;  the  Cisco  NSS2000  and 
NSS3000  Network  Storage  Systems  (pictured),  which 
are  desktop  network-attached-storage  devices  to 
secure  data  and  let  employees  share  information; 
and  the  Cisco  Smart  Business  Communications 
System  Release  1.4,  a  collaboration  and  communi¬ 
cations  system  that  includes  a  wireless,  desktop  IP 
phone  with  Bluetooth  capabilities.  The  products 
come  from  Cisco’s  newly  formed  Small 
Business  Technology  Group,  which  focuses  on 
developing  technologies  within  six  small-to-midsize  busi¬ 
ness  priority  areas:  security  connectivity  productivity,  remote  access, 
customer  interaction  and  customer  support,  www.nwdocfinder.com/8541 


Google,  partners  release  net  neutrality 
tools.  Google  and  a  group  of  partners  have 
released  software  designed  to  help  broad¬ 
band  customers  and  researchers  measure  the 
performance  of  Internet  connections.The 
products,  at  MeasurementLab.net,  include  a 
network  diagnostic  tool,  a  network-path  diag¬ 
nostic  tool  and  a  tool  to  measure  whether  a 
user’s  broadband  provider  is  slowing  Bit- 
Torrent  peer-to-peer  traffic.  Joining  the  M-Lab 
applications  soon  are  a  tool  to  determine 
whether  a  broadband  provider  is  giving  some 
traffic  a  lower  priority  than  other  traffic,  and  a 
tool  to  determine  whether  a  provider  is  de¬ 
grading  certain  users  or  applications.“Trans- 
parency  is  our  goal,” said  Vint  Cerf,  chief  Inter¬ 
net  evangelist  at  Google  and  a  co-developer 
ofTCP/IP’Our  intent  is  to  make  more  [infor¬ 
mation]  visible  for  all  who  are  interested  in 
the  way  the  network  is  functioning  at  all  lay¬ 
ers.”  www.nwdocfinder.com/8542 

Feds:  Fired  Fannie  Mae  contractor  tried 
to  crash  network.  A  former  Fannie  Mae  IT 
contractor  has  been  charged  with  planting 
malicious  software  on  the  mortgage  giants 
systems  on  the  day  he  lost  his  job  last 
October.  Rajendrasinh  Makwana,35,who  at 
the  time  was  a  contract  employee  at  Fannie 
Mae,  planted  a  nasty  custom  script  designed 
to  wipe  out  about  4,000  of  the  company’s 
servers  on  Jan.  31, 2009,  according  to  a  sworn 
affidavit  from  FBI  Special  Agent  Jessica  Nye. 
Makwana  was  indicted  last  week  by  a  federal 
court  in  Maryland  on  a  charge  of  computer 
intrusion. The  script  was  installed  on  Fannie 
Mae’s  servers  less  than  an  hour  after 


Makwana  was  told  that  Oct.  24  would  be  his 
last  day  at  the  company,  Nye  said.  It  was  dis¬ 
covered  five  days  later  by  a  Fannie  Mae  Unix 
administrator,  who  found  it  tagged  on  to  the 
end  of  a  legitimate  script  designed  to  check 
that  the  data-center’s  storage-area  network 
was  running  correctly 
www.nwdocfinder.com/8543 

Websense  buys  Defensio  to  keep  user¬ 
generated  content  clean.  Websense  has 
acquired  start-up  Defensio  for  an  undisclosed 
price,  gaining  tools  to  clean  out  spam  and 
malware  that  get  posted  as  comments  to 
blogs,  user  forums  and  other  sites  that  accept 
usercreated  content.  Defensio’s  Webcleaning 
service  —  offered  free  for  personal  use  — 
depends  on  software  developers  incorporat¬ 
ing  Defensio’s  APIs  into  their  Web  sites.  About 
10,000  blogs  are  said  to  have  started  using  it. 
Websense  expects  to  continue  the  Defensio 
model  of  use,  even  as  it  adds  Defensio-based 
protections  to  its  own  tools  and  services,  such 
as  ThreatSeeker. 

www.nwdocfinder.com/8544 

Sentilla  measures  power  use.  Sentilla  has 
released  a  product  that  measures  the  electric¬ 
ity  being  consumed  by  individual  servers  in  a 
data  center,  and  makes  recommendations 
based  on  those  usage  levels  to  help  cut  en¬ 
ergy  bills,  the  company  announced  last  week. 
Called  the  Sentilla  Energy  Manager  for  Data 
Centers,  the  product  uses  small,  Java-based 
devices  that  plug  into  the  back  of  each  server 
and  measure  the  actual  and  “reactive”  power 
flowing  to  each  machine.The  devices  aggre¬ 


gate  the  data  over  a  wireless  mesh  network 
and  send  it  to  a  Web-based  administrative 
console  to  give  a  detailed  view  of  the  power 
being  used  by  each  server. The  product  can 
identify  servers  that  are  drawing  power  but 
not  running  any  load,  or  can  be  used  to  com¬ 
pare  energy  use  among  servers  from  different 
vendors  or  in  different  configurations,  said 
Bob  Davis,  Sentilla’s  CEO.  It  also  works  with 
storage  gear,  www.nwdocflnder.com/8545 

Nortel  ends  mobile  WiMAX  agreement, 
exits  business.  Nortel  has  decided  to  dis¬ 
continue  its  mobile  WiMAX  business  and  end 
its  joint  agreement  with  Alvarion.The  compa¬ 
nies  entered  into  their  arrangement  in  June 
when  Nortel  decided  to  end  mobile  WiMAX 
product  development  in  favor  of  Long  Term 
Evolution.  Nortel  now  will  exit  mobile  WiMAX 
entirely  The  move  comes  as  Nortel  attempts  to 
restructure  after  filing  for  Chapter  1 1  bank¬ 
ruptcy  protection  from  creditors.  Nortel  says 
the  decision  will  allow  it  to  narrow  its 
focus,  better  manage  its  investments  and 
strengthen  its  broader  carrier  business  to 
better  position  itself  for  long-term  competitive¬ 
ness.  www.nwdocfinder.com/8546 

NAC  usage  strays  from  original  design. 

Few  customers  of  network-access  control 
use  it  for  what  it  was  intended,  preferring 
instead  to  deploy  the  security  technology  to 
keep  guests  and  contractors  away  from  cor¬ 
porate  production  networks.  In  80%  of 
deployments,  businesses  use  NAC  to  grant 
limited  access  to  users  who  have  legitimate 
reasons  to  connect  to  the  network  but  who 
aren’t  full-time  employees  warranting  full 
network  access,  according  to  a  new  report 
by  Gartner.  Establishing  that  endpoints  meet 
a  baseline  profile  —  the  reason  NAC  was 
invented  —  runs  a  distant  second,  with  only 
15%  of  deployments  restricting  network 
access  based  on  endpoint  posture  as  deter¬ 
mined  by  NAC  tests. 
www.nwdocfinder.com/8547 

Juniper  Q4  grows,  but  falls  short. 

Juniper  Networks  posted  a  14%  hike  in  fourth- 
quarter  sales  that  nonetheless  fell  short  of 
Wall  Street  expectations.  For  the  three  months 
that  ended  Dec.  31, 2008,  Juniper  recorded  rev¬ 
enue  of  $923.5  million. That  fell  short  of  con¬ 
sensus  analyst  estimates  of  $936.2  million, 
according  to  Thomson  Financial.  Earnings, 
excluding  charges,  expenses  and  other  items, 
were  in  line  with  Wall  Street  estimates:  $169 
million,  up  19%  from  a  year  ago.  For  the  full 
year,  Juniper  posted  revenue  of  $3.57  billion,  a 
26%  hike  from  2007  results.  Earnings  exclud¬ 
ing  charges,  expenses  and  other  items  were 
$650.8  million,  up  36%  from  2007.  Juniper’s 
overall  enterprise  business  was  up  17%  year- 
over-year  in  the  quarter;  enterprise  now  ac¬ 
counts  for  31%  of  Juniper’s  annual  revenue. 
www.nwdocfinder.com/8548 
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Wili  carriers  weather  the  downturn? 

Verizon,  AT&T,  Sprint  and  others  cut  infrastructure  investments 


BY  BRAD  REED 

While  Verizon  and  AT&T  have  continued  to 
post  solid  earnings  over  the  past  year,  they  are 
unlikely  to  emerge  from  the  current  recession 
unscathed. 

As  Yankee  Group  analyst  Josh  Holbrook 
notes,  carriers  often  lag  behind  the  economic 
times  because  they  sign  their  customers  to 
contracts  of  a  year  or  longer  and  demand  for 
voice  services  is  fairly  stable. Thus,  even  if  con¬ 
sumers  and  enterprises  are  hurting  financially, 
they  are  unlikely  to  change  their  telecom 
spending  habits  until  well  after  a  recession  is 
already  under  way 

So  when  the  telcos  do  start  to  feel  the  pinch 
from  the  recession,  how  will  they  adapt? 
Carriers  this  year  have  employed  one  of  the 
most  obvious  strategies  to  save  money  by  cut¬ 
ting  jobs.  Sprint,  for  instance,  last  week  said  that 
it  was  going  to  lay  off  8,000  employees,  while 
AT&T  has  decided  to  cut  12,000  workers  from 
its  payrolls  throughout  2009. 

Gartner  analyst  Tole  Hart  says  that  the 
majority  of  cuts  within  the  telecom  industry 
are  likely  to  come  from  telcos’  wireline  busi¬ 
nesses  as  more  consumers  switch  perma¬ 
nently  over  to  wireless  services.  AT&T  and 
Verizon’s  income  statements  for  2008  lend 
support  to  this  view,  as  both  companies  expe¬ 
rienced  significant  drops  in  their  wireline 
operating  revenue  while  showing  continued 
growth  in  their  wireless  operating  revenue. 

In  addition  to  layoffs,  carriers  could  slow 
planned  network  upgrades  and  other  big  capi¬ 
tal  projects.  For  instance,  both  AT&T  and  T- 
Mobile  last  week  said  that  they  were  planning 
to  focus  on  upgrading  the  performance  of  their 
3G  High-Speed  Packet  Access  wireless  data  net- 


Falling  prices 

Despite  solid  earnings  overthe  past 
year,  AT&T  and  Verizon  have  seen 
significant  drops  in  their  stock 
prices. 
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works  before  making  a  big  push  to  switch  over 
to  4G  Long  Term  Evolution  technology  Both 
companies  previously  stated  that  they  planned 
to  begin  deploying  LTE  in  2010  with  a  com¬ 
mercial  launch  slated  for  2011.  Even  so,  Hart 
says  that  unless  the  recession  gets  significantly 
worse,  he  expects  the  carriers  will  begin  rolling 
out  their  4G  systems  more  or  less  on  schedule, 
with  Verizon  leading  the  way  by  launching  its 
LTE  network  commercially  in  2010. 

“It  seems  like  AT&T  might  be  pushing  their 
commercial  deployments  back  a  bit,  but 
Verizon  seems  to  be  on  track,”  he  says.“LTE  net¬ 
works  were  always  going  to  start  out  in  big 
cities  and  then  gradually  be  built  out  to  more 
rural  areas, so  it  leaves  them  with  some  room  to 
tweak  their  plans.” 

Hart  and  Holbrook  also  see  carriers  pushing 
more  low-cost  services  to  consumers  and 
enterprise  customers.  On  the  enterprise  side, 
Holbrook  thinks  that  carriers  will  aggressively 
promote  services  that  require  little  capital 
investment  or  upgrade. 

“Think  about  an  enterprise  service  such  as 
mobile  device  management  that  has  no  capi¬ 
tal  expenditure  and  it’s  a  service  with  very  little 
capital  outlay  for  the  customer,”  he  says. 
“Carriers  can  look  at  that  and  other  managed 
services  that  are  designed  to  save  organiza¬ 
tions  money  but  that  don’t  require  any  special 
in-house  expertise.” 

On  the  consumer  side,  Hart  predicts  that 
more  users  will  gravitate  toward  prepaid  plans 
that  let  hem  purchase  pay-as-you-go  minutes 
that  can  be  refilled  over  the  Internet  and  that 
offer  unlimited  mobile-to-mobile  minutes  with 
users  on  the  same  network.  Hart  says  that  AT&T 
has  already  started  pushing  this  type  of  service 
with  its  GoPhone  service  and  smaller  wireless 
providers  such  as  MetroPCS  and  Boost  will 
also  stand  to  gain  from  promoting  their  unlim¬ 
ited  prepaid  plans  that  charge  a  flat  rate  for 
minutes  on  their  networks  and  only  charge 
extra  for  roaming  minutes. 

But  while  carriers  will  try  to  cut  their  costs 
through  less  network  investment  and  by  offer¬ 
ing  less  capital-intensive  services,  both  Hart 
and  Holbrook  expect  carriers  to  continue 
spending  lavishly  on  smartphone  subsidies. 
Although  carriers  are  taking  big  initial  hits  by 
offering  consumers  devices  such  as  the  Apple 
iPhone  and  the  BlackBerry  Storm  for  $200 
each,  Hart  and  Holbrook  say  they  are  making 
up  for  it  with  growth  in  their  wireless  data  rev- 
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enues.Indeed,  because  telcos’ wireless  services 
are  by  far  their  fastest-growing  business  seg¬ 
ment,  it  makes  sense  for  them  to  try  to  maxi¬ 
mize  their  earning  power  by  hooking  users 
onto  both  voice  and  data  plans. 

“1  do  see  these  generous  subsidies  lasting 
because  wireless  right  now  is  the  only  thing 
that’s  driving  growth,”  Holbrook  says.“We’re  in  a 
climate  where  no  ship  is  safe  and  carriers  are 
battening  down  the  hatches  for  the  tumul¬ 
tuous  times  ahead.”  ■ 


InBrief 


Whirlpool  chooses  IBM  for  IT 
services 

IBM  has  inked  a  deal  to  provide  Whirlpool 
with  an  array  of  IT  and  process  standard¬ 
ization  services  that  are  aimed  at  improving 
the  home  appliance  manufacturer's  opera¬ 
tions  and  better  aligning  IT  with  the  busi- 
ness.The  multi-year  agreement  includes 
mainframe,  server,  storage,  network,  desk¬ 
side  support  and  help  desk  services.  Under 
the  terms  of  the  deal,  IBM  will  provide 
Whirlpool  infrastructure  services  in  more 
than  40  countries,  beginning  in  June.  While 
an  IBM  spokeswoman  says  Whirlpool  has 
requested  to  keep  the  new  contract  value 
and  duration  undisclosed,  the  two  compa¬ 
nies  have  been  working  together  for  more 
than  20  years.  Whirlpool  has  been  an  IBM 
hardware  and  software  customer  and  IBM 
has  provided  "limited  services"  to  the  com¬ 
pany  in  Asia  and  Latin  America. 

Backup  merger  unites 
Barracuda,  Yosemite 

Barracuda  Networks  has  swallowed 
YosemiteTechnologies  to  enhance  the  capa¬ 
bilities  of  its  data  backup  product,  the  com¬ 
pany  announced  last  week.  With  the  addition 
of  software  agents  from  Yosemite,  Barra¬ 
cuda  can  offer  incremental  backups  of  such 
applications  as  Microsoft  Exchange  Server 
and  SQL  Server,  as  well  as  Windows  sys¬ 
tem  states,  said  Stephen  Pao,  vice  presi¬ 
dent  of  product  management  at  Barracuda, 
which  specializes  in  e-mail  and  Web  secu¬ 
rity  appliances.The  Yosemite  software  also 
adds  administrative  options  such  as  config¬ 
uration,  policy  and  reporting. The  new  fea¬ 
tures  have  already  been  integrated  for  no 
additional  charge  into  the  Barracuda 
Backup  Server.Terms  of  the  deal  were  not 
disclosed. 
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Disk-drive 


encryption  gains  ground 


BY  ELLEN  MESSMER 

The  Opal  industry-standards  effort  unveiled 
last  week  by  the  Trusted  Computing  Group 
should  prove  a  boon  to  IT  professionals  explor¬ 
ing  desktop  encryption  options. 

The  Opal  Security  Subsystem  Class  Spe¬ 
cification  1.0,  as  it’s  officially  called,  offers  a 
set  of  mechanisms  and  protocols  for  disk- 
drive  encryption,  authentication,  configura¬ 
tion  and  policy  management.  Implemented  in 
disk  drives  and  supporting  client  and  security- 
management  software,  Opal  will  provide  IT 
managers  with  flexibility  and  interoperability 
in  managing  computers  using  Opal-based 
encryption. 

“That’s  what  we  expect  with  this,  the  ability  to 
mix  and  match,  and  we’re  keeping  an  eye  on  it 
going  forward,”  says  Ken  Waring,  IT  director  at 
CBI  Heath,  the  Toronto-based  Canadian  health¬ 
care  provider,  which  today  uses  Seagate 
Technology’s  embedded  disk-drive  encryption 
in  Dell  computers  with  Wave  Systems  manage¬ 
ment  software,  to  protect  sensitive  data. 

While  CBI  Health  has  found  hardware-based 
disk  encryption  an  excellent  way  to  protect 
data,  the  only  negative  is  “it’s  restricting  us  to 
one  model,”  Waring  says.  Opal  promises  to 
bring  a  new  level  of  interoperable  security  so 
that  IT  managers  could  mix  and  match  manu¬ 
facturers’  Opal-based  disk  drives  and  vendor 
software-management  tools. 

Backers  of  TCG’s  Opal  initiative,  which  uses 
the  Advanced  Encryption  Standard  (AES), 
include  disk-drive  manufacturers  Fujitsu, 
Hitachi  and  Seagate,  as  well  as  software  ven¬ 
dors  Wave,  WinMagic  Data  Security,  Crypto- 
Mill  Technologies  and  others.  Fujitsu,  for 
instance,  is  promising  Opal  support  in  its 
5400  rpm  and  7200  rpm  Notebook  drives  dur¬ 
ing  the  second  quarter. 

“The  basic  objective  is  how  do  we  embed 
security  in  the  drive,  to  have  encryption  and 
authentication,  and  do  it  in  a  standardized 
way  so  it  works  no  matter  what  drive  you 
have,”  says  Lark  Allen,  vice  president  of 
development  at  Wave,  which  has  demon¬ 
strated  Opal-based  interoperability  with  its 
Trusted  Drive  Manager  working  with 
Fujitsu’s  Opal  implementations. 

Opal  is  among  the  latest  efforts  to  satisfy  the 
growing  corporate  demand  for  disk  encryp¬ 
tion.  According  to  Forrester’s  survey  of  942  IT 
and  security  managers  in  North  America  and 
Europe,  full-disk  encryption  was  cited  as  the 
top  client  security  technology  to  be  piloted  or 
adopted  this  year. 

Encryption  is  fast  becoming  a  necessity  for 
both  stored  and  in-transit  data.  In  some  indus¬ 
try'  sectors,  particularly  healthcare  in  the 
United  States  and  abroad,  encryption  is  neces¬ 
sary  to  satisfy  regulatory  requirements. 

The  Department  of  Health  requires  that 
no  patient  data  be  sent  unless  it’s  en- 


**Encryption 
simply  comes 
down  to  pru¬ 
dence  regardless 
of  regulations.55 

Ken  Waring 

IT  director  at  CBI  Heath 

crypted,”  explains  Saeed  Umar,  the  IT  project 
manager  at  Lancashire  Teaching  Hospitals 
NHS  Foundation  Trust,  based  in  London. The 
hospital  system,  which  provides  healthcare 
to  hundreds  of  thousands  of  individuals  and 
educates  medical  students  from  the 
University  of  Manchester  and  the  University 
of  St.  Andrews,  has  a  staff  of  6,500  and  about 
4,000  PCs. 

The  healthcare  organization  two  years  ago 
settled  on  using  Voltage  SecureMail  to  encrypt 
sensitive  information  that  was  e-mailed, 
because  it  works  without  requiring  client  soft¬ 
ware  on  the  receiving  end, Umar  says.“I  wanted 
e-mail  anywhere,  and  this  works  to  send  e- 
mails  anywhere  securely  he  says. 

Umar’s  next  important  encryption  project  in¬ 
volves  deploying  McAfee’s  Endpoint  En¬ 
cryption  (formerly  called  SafeBoot)  on  about 
400  laptops  for  data  protection,  he  says,  adding 


BY  JON  BRODKIN 

Venture  capitalists  dramatically  reduced 
investment  levels  in  network  start-ups  at  the 
end  of  2008,  according  to  new  research. 

Investors  gave  $27  million  to  network  start-up 
and  seed  vendors  in  the  fourth  quarter  of  2008, 
about  a  third  of  the  amount  invested  in  the  pre¬ 
vious  quarter  and  a  fifth  of  the  amount  in¬ 
vested  in  the  last  quarter  of  2007,  when  start-up 
investments  exceeded  $136  million. 

Additionally,  the  $27  million  was  the  lowest 
quarterly  total  seen  in  14  years  of  data  pro¬ 
vided  to  Network  World  by  Pricewaterhouse- 
Coopers  and  the  National  Venture  Capital 
Association,  authors  of  the  quarterly  Money- 
Tree  Report. 

Those  groups  track  U.S.  venture  capital 
investments  across  all  industries,  and  provide 
Network  World  with  data  specific  to  network 
vendors,  including  makers  of  hardware,  tele¬ 
com  products,  network-related  software  and 
Internet-related  technology 


that  the  British  government’s  health  authorities 
are  mandating  it. 

There’s  open  debate,  however,  over  the  per¬ 
ceived  advantages  and  disadvantages  of  de¬ 
ploying  software-based  disk  encryption  based 
on  products  from  security  vendors  vs.  deploy¬ 
ing  hardware-embedded  disk-drive-based 
encryption  that’s  become  available  from  disk- 
drive  manufacturers. 

CBI  Health’s  Waring  says  his  organization  did 
adopt  software-based  encryption  for  its  older 
computers.  His  experience  with  software- 
based  full-disk  encryption  has  been  much  less 
satisfactory  than  his  experience  using  Dell 
computer,  Seagate-based  disk-drive-based  en¬ 
cryption,  he  says  (he  prefers  not  to  divulge  the 
specific  software  vendor). 

“We  had  problems  with  the  installation  of  the 
software-based  product,”  Waring  says.  In  a  few 
instances,  the  encryption  software  was  unin¬ 
stalling  itself,  apparently  due  to  bugs  related  to 
the  software  keys. 

When  Waring  asks  his  IT  staff  today  which 
they  prefer  to  manage,  the  answer  has  over¬ 
whelmingly  been  the  hardware-based 
encryption. 

“It’s  been  no  stress,”  Waring  says,  predicting 
the  future  probably  will  see  every  disk  drive 
capable  of  encryption,  and  the  best  direction 
for  this  would  be  fewer  proprietary  implemen¬ 
tations  for  them  if  security  standards  efforts 
such  as  Opal  truly  work  out  in  practice.  ■ 


As  a  whole,  network  vendors  collected 
$1.8  billion  from  venture  capitalists  in  the 
fourth  quarter  of  2008,  slightly  less  than  in  the 
third  quarter, but  nearly  all  of  that  went  to  early- 
stage,  expansion  and  later-stage  companies  as 
opposed  to  newly  founded  start-ups. This  con¬ 
tinues  a  trend  in  which  venture  capitalists  are 
avoiding  new  vendors  because  they  have  not 
yet  gained  liquidity  on  previous  investments. 

“There’s  still  a  good  appetite  for  these  [net¬ 
work]  companies,”  says  Tracy  Lefteroff.a  global 
managing  partner  of  PricewaterhouseCoop- 
ers.“But  in  the  longer  term,  until  you  see  some 
liquidity,  I’m  not  sure  you’re  going  to  see  a 
ramp-up  of  new  investment  in  the  area.” 

The  market  for  start-up  IPOs  and  mergers 
and  acquisitions  will  probably  be  weak 
throughout  2009,  Lefteroff  says. 

In  all  industries,  the  MoneyTree  Report  iden¬ 
tified  3,808  deals  totaling  $28.3  billion  in  2008. 
That  represents  an  8%  decrease  in  dollars  from 
2007,  and  a  4%  decrease  in  deal  volume.  ■ 


Venture  investments  plummet 
for  network  start-ups 
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Starting  a  website 


this  year? 

Choose  the  best. 


Special  offers  < 
February  28th! 


As  the  world's  largest  web  hosting  provider,  1&1  offers  website 
plans  for  every  skill  level  and  budget.  As  a  1&1  customer,  you  are 
not  only  assured  that  your  website  is  up  and  secure,  but  you'll  also 
get  the  tools  that  you  need  to  maintain  an  innovative  web  presence. 


BEGINNER  PACKAGE 


Easy  and  affordable,  it's  the  perfect  way  to  get 
started  on  the  web.  Includes  a  domain,  website 

building  tool,  photo 
gallery,  blog  and 


per  month 


more! 


HOME  PACKAGE 


Whether  it's  for  a  personal  website  or  a  small 
home  business,  this  package  includes  all  the 

basics  -  2  domains, 
site-building  tools 

per  month  and  more! 


BUSINESS  PACKAGE 


Everything  you  need  for  a  successful  business 
website.  3  domains,  E-mail  Marketing  Tool,  search 
engine  optimization  tool,  search  advertising 
vouchers  and  more! 


3  months 


HURRY!  Special  offer  ends  February  28th. 
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DEVELOPER  PACKAGE 


This  premium  web  hosting  package  gives  you  5 
domains,  300  GB  web  space,  3,000  GB  monthly 
transfer  volume,  GeoTrust  Dedicated 
m  SSL  Certificate  and  more! 


HURRY!  Special  offer  ends  February  28th. 


Offer  valid  through  February  28,  2009.  Discount  applied  to  the  first  3  months  of  a  12  month  minimum  contract  term, 
S9.99  setup  fee  applies.  Visit  www.landl  .com  for  full  promotional  offer  details.  Product  and  program  specifications, 
availability  and  prices  subject  to  change  without  notice.  1&1  andthel&l  logo  are  trademarks  of  1  &1  Internet  AG,  all  ’ 
other  trademarks  are  the  property  of  their  respective  owners.  ©  2009  1&1  Internet,  Inc.  All  rights  reserved.  •  i 
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enterprise  networking  market  and  picking  its 
battles  strategically!’ 

HP’s  weapons  for  this  battle  include  a  new 
switch  line  optimized  for  top-of-rack  data  cen¬ 
ter  switching  applications.  The  6600  line 
includes  five  Gigabit  and  10  Gigabit  Ethernet 
switches,  all  in  1RU  form  factors  but  in  a  vari¬ 
ety  of  configurations. 

Indiana  University  is  putting  the  6600 
through  its  paces  in  preparation  for  building  a 
new  data  center.  It  currently  has  two,  which 
support  about  1,700  servers. 

“As  we  started  looking  at  our  require¬ 
ments,  it  made  a  lot  of  sense  for  us  to  move 
from  an  end-of-rack  switching  model  to  a 
top-of-rack  switching  model,” says  Matt  Davy, 
chief  network  architect  for  the  university. 
“The  6600  has  a  lot  of  interesting  features 
for  top-of-rack.” 

Indiana  University  also  is  evaluating  Cisco 
Nexus  5000  switches  for  this  application.  The 
school  is  implementing  a  top-of-rack  architec¬ 
ture  to  lower  the  cost  of  increasing  gigabit 
densities  that  server  virtualization  presents,  as 
well  as  an  eventual  migration  to  10G  Ethernet, 
Davy  says. 

“Doing  10G  at  top-of-rack  is  definitely  more 
cost  effective  because  of  the  SFP+  direct- 
attached  cables  reducing  your  connection 
cost  to  the  servers,”  Davy  says. 

The  server  module  for  HP  ProCurve’s  8200 
and  5400  zl  switches  is  called  the  ProCurve 
One  Services  zl  Module.lt  is  based  on  an  Intel 
T7500  Core  2  Duo  processor  with  4GB  of 
memory,  4GB  of  flash  memory,  and  a  250GB 
hard  drive. 

The  zl  module  has  two  10G  Ethernet  con¬ 
nections  to  the  switch  backplane,  and  future 
capabilities  include  virtualization,  scalability, 
other  form  factors,  and  closer  coupling  with 
the  switch  management  and  forwarding 
plane,  HP  says. 

The  zl  module  runs  software  applications 
from  Microsoft  (security  and  network 
access),  McAfee  (Web  security,  filtering  and 
IPS),  Avaya  (unified  communications),  F5 


The  Nexus  2000  Fabric  Extender  is 
designed  to  connect  an  increasing 
number  of  servers  to  Cisco’s  unified 
data  center  fabric  design. 


Networks  (application  delivery  control  and 
load  balancing),  Riverbed  Technology 
(WAN  optimization)  and  others.  A  single  zl 
module  can  run  only  run  one  application, 
however,  but  two  modules  can  run  in  one 
8200  or  5400  switch  chassis. 

City  College  of  San  Francisco  is  using  the  zl 
module  to  run  a  network  monitoring  appli¬ 
cation  from  HP  partner  InMon  Corp. 
“InMon’s  Traffic  Sentinel  on  the  module  han¬ 
dled  all  the  sFlow  reporting  we  threw  at  it 
with  lower  CPU  utilization  rates  than  our  pro¬ 
duction  server,”  says  Glen  Van  Lehn,  network 
engineer  at  the  college.“This  gave  me  a  server 
with  zero  footprint  —  no  extra  space  (assum¬ 
ing  an  empty  slot),  no  extra  electrical  outlets 
or  UPS  outlets,  and  no  extra  Ethernet  ports  as 
the  two  10  Gigabit  interfaces  plug  directly  into 
the  backplane,”  he  says. 

The  6600  switches  are  priced  at  $4,700  to 
$18,000,  and  are  expected  to  be  available  in 
the  first  half  of  this  year.The  Services  zl  Module 
costs  $6,000  and  is  expected  to  be  available  in 
February 

To  protect  its  own  data  center  turf,  Cisco  is 
rolling  out  the  Nexus  7018,  Nexus  5010  and 
Nexus  2000  Fabric  Extenders. The  Nexus  7018 
joins  the  Nexus  7000  Series  with  an  18-slot 
chassis  that  provides  as  many  as  16  1/0  mod¬ 
ule  slots  supporting  as  many  as  512  10G 
Ethernet  ports  —  twice  the  density  of  the 
Nexus  7010,  which  debuted  a  year  ago. 

The  Nexus  5010  is  a  28-port,  1RU  switch  sup¬ 
porting  10G  Ethernet,  Cisco’s  version  of  a  loss¬ 
less  Data  Center  Ethernet,  Fibre  Channel  over 
Ethernet  and  Fibre  Channel.  These  features 
enable  it  to  consolidate  traffic  from  LANs, stor¬ 
age-area  networks  and  server  clusters  onto  a 


single  unified  fabric,  Cisco  says. 

The  Nexus  2000  Series  Fabric  Extender  is 
intended  to  support  an  increasing  number  of 
servers  and  increased  demand  for  bandwidth 
from  each  server.  The  Nexus  2148T  Fabric 
Extenders  connect  to  dual  Cisco  Nexus  5020 
switches  and  are  designed  to  improve  scala¬ 
bility  by  supporting  as  many  as  2,496  Gigabit 
Ethernet  servers. 

Enhancements  for  the  Catalyst  6500  line 
include  an  in-service  software  upgrade  and 
support  for  long-range  integrated  10G 
Ethernet  optics  to  reduce  the  time  needed  for 
planned  network  maintenance  and  to  facili¬ 
tate  virtual-machine  mobility  across  data  cen¬ 
ters.  The  Catalyst  switches  also  will  be  getting 
some  IOS  software  that  lets  them  control  the 
energy  usage  of  attached  devices.  Called 
EnergyWise,  the  software  was  developed 
under  the  code  name  Big  Bang. 

EnergyWise  is  designed  to  proactively 
measure,  report  and  reduce  the  energy  con¬ 
sumption  of  IP  devices.  The  software 
includes  APIs  to  Cisco  third-party  partner 
packages  that  will  enable  the  management 
of  power  consumption  for  entire  building 
systems,  such  as  lights,  elevators,  and  air  con¬ 
ditioning  and  heating,  Cisco  says. 

“By  attaching  more  things  to  the  network, 
it  allows  you  to  make  better  decisions 
around  energy”  says  Zeus  Kerravala,  an  ana¬ 
lyst  with  The  Yankee  Group.  “This  can  be 
extended  to  security  as  well  —  you  can  turn 
cameras  on  in  certain  areas.  So,  there’s  a  lot 
of  benefits  for  it.” 

EnergyWise  will  roll  out  in  three  phases.  In 
the  first  phase,  it  will  be  supported  on  Catalyst 
switches  and  manage  the  energy  consump¬ 
tion  of  networked  IP  devices,  such  as  phones, 
video  surveillance  cameras  and  wireless 
access  points. 

The  next  phase  will  include  expanded  indus¬ 
try  support  of  EnergyWise  on  such  IT  devices 
as  PCs,  laptops  and  printers.  In  the  final  phase, 
EnergyWise  will  be  extended  to  the  manage¬ 
ment  of  building  system  assets,  such  as  heat¬ 
ing,  ventilation  and  air  conditioning;  elevators; 
lights;  employee  badge  access  systems;  fire 
alarm  systems;  and  security  systems. 

Cisco  last  week  acquired  Richards-Zeta,  a 
company  that  develops  middleware  designed 
to  enable  computers  and  building  systems  to 
be  controlled  by  switches  and  routers  in  an  IP 
network. 

EnergyWise  is  a  free  software  upgrade  to 
existing  Catalyst  switches  and  is  expected  to 
be  available  this  month.  It  will  support  fixed- 
configuration  switches  initially  with  chassis- 
based  systems  —  the  Catalyst  4500  being  the 
first  —  to  follow  on  later.  ■ 
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Quad-Core  AMD  Opteron™  1356,  4  x  2.3  GHz, 
8  GB  DDR  RAM,  2  x  1,000  GB  Hard  Drive _ 


Need  a  server  for  your 
small  business? 

Look  no  further. 


Introducing  1&1  Premium  Servers,  a  powerful  new  line  of 
dedicated  servers  specifically  designed  for  high  performance 
needs.  Featuring  energy  efficient  technology,  these  top-of-the-line 
machines  reduce  costs  and  environmental  impact  with  increased 
performance-per-watt. 


All  1&1  Premium  Servers  include*: 

RAID 

Plesk  8  with  100-domain  license 
FTP  backup  space 

Serial  Console:  Connect  directly  to  the  serial  port 
of  your  server,  even  if  the  network  is  down. 

Recovery  Tool:  Load  rescue  image  and  reboot  server. 
GeoTrust  Dedicated  SSL  certificate  (a  $49  value!) 
Easy-to-configure  firewall  and  more! 
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1&1  BUSINESS  SERVER  II 


Dual-Core  AMD  Opteron™  1218,  2  x  2.6  GHz, 
4  GB  DDR  RAM,  2  x  500  GB  Hard  Drive 


HURRY!  Special  offer  ends  February  28th. 


1&1  ENTERPRISE  SERVER  I 


Quad-Core  AMD  Opteron™  1352,  4  x  2.1  GHz, 
4  GB  DDR  RAM,  2  x  750  GB  Hard  Drive 


3  months 
FREE!* 


HURRY!  Special  offer  ends  February  28th. 


1&1  ENTERPRISE  SERVER  II 


HURRY!  Special  offer  ends  February 


*  Offer  valid  through  February  28,  2009.  Prices  based  on  Linux  servers.  Discount  applied  to  first  3  months  of  a  12  month 
minimum  contract  term,  $99  setup  fee  applies.  See  www.1and1.com  for  full  promotional  offer  details.  Certain  features  not 
available  with  Managed  Servers.  Product  and  program  specifications,  availability  and  prices  subject  to  change  without  notice. 
1&1  and  the  1&1  logo  are  trademarks  of  1&1  Internet  AG,  all  other  trademarks  are  the  property  of  their  respective  owners. 
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IT  pay  takes  a  hit 

Pay  for  noncertified  and  certified  skills  on  the  decline  going  into  2009 


BY  DENISE  DUBIE 

IT  salaries  won’t  be  spared  from  the  eco¬ 
nomic  malaise  plaguing  North  America, 
according  to  recent  research  that  confirms 
pay  for  noncertified  and  certified  IT  skills 
declined  in  late  2008  and  is  expected  to  fall 
further  in  2009. 

IT  pay  for  noncertified  skills  has  been  on  the 
rise  consistently  since  mid-2004,but  the  current 
economic  climate  has  taken  its  toll,  according 
to  Foote  Partners’  IT  Skills  and  Certifications  Pay 
Index,  which  tracks  pay  for  354  skills  and  certi¬ 
fications  earned  by  22,550  IT  professionals  in 
the  United  States  and  Canada.The  average  mar¬ 
ket  value  for  179  noncertified  IT  skills  dropped 
0.5%  in  the  last  three  months  of  2008,  the  first 
time  in  several  quarters.  Pay  for  the  175  IT  certi¬ 
fications  Foote  Partners  follows  dropped  1%  in 
the  last  quarter  and  5%  for  the  year. 

“It  was  inevitable  for  skills  pay  to  start  reflect¬ 
ing  the  hard  times  we’re  in. This  is  not  the  first 
time  in  10  years  tracking  skills  and  certifica¬ 
tions  pay  and  demand  that  we’ve  seen  correc¬ 
tions  brought  on  by  economic  conditions, ’’said 
David  Foote,  co-founder,  CEO  and  chief 
research  officer  at  the  firm,  in  a  statement. 

Among  the  noncertified  skills  that  saw  a 
decline  in  the  last  quarter  of  2008  are  applica¬ 
tions  development  tools  and  language  skills, 
with  the  average  median  down  nearly  2%. 
Others  include  SAP  and  enterprise  application 
skills,  which  experienced  a  1.7%  decrease  in 
pay  and  pay  for  operating  systems  skills  fell 
about  1.6%  on  average.  Web  and  e-commerce 
skills  pay  dropped  about  1.5%,  and  average 
compensation  for  systems  and  networking 
skills  decreased  by  0.8%  during  the  quarter. 

Certified  skills,  which  have  been  seeing  drops 
in  pay  since  2006,  saw  more  significant 
decreases  in  the  last  quarter,  according  to 
Foote  Partners’  research.  For  instance,  pay  for 
Web  development  skills  fell  16.3%,  and  those 
with  application-development  and  program¬ 
ming-language  skills  experienced  average 
decreases  of  5.3%.  Other  certification  areas  that 
dipped  into  the  loss  area  include  certified  sys¬ 
tems  administration  and  engineering  and  net¬ 
work  operating-systems  skills,  which  dropped 
2.2%  during  the  last  quarter  of  2008  and  9.7% 
for  the  year. 

Yet  the  news  isn’t  all  bad.  Foote  Partners’ 
research  revealed  key  skill  areas  in  which  pay 
increased  in  late  2008  and  could  continue  to 
grow  in  the  coming  months.  Clearly  an  urgent 
demand  for  talent  in  several  areas  is  eclipsing 
broad,  knee-jerk  reactions  to  reduce  budgets 
and  cut  people,  projects  and  purchases  with¬ 
out  thinking  carefully  about  the  conse¬ 
quences.”  Foote  said.  “It’s  about  how  smart 
they’re  spending  what  they  have.” 

For  instance,  noncertified  skills  in  manage¬ 


ment,  methodology  and  process  earned  5.6% 
more  in  pay  while  pay  for  database  skills 
increased  by  2.9%,  and  messaging  and  com¬ 
munications  skills  pay  saw  an  increase  of  2.8%. 

As  for  certified  skills,  project  management 
and  architecture  skills  pay  experienced  a  3.1% 
increase  in  the  last  quarter  (10%  for  the  year), 
and  IT  security  pay  ticked  upward  by  0.8%.  Pay 
for  IT  certifications  for  networking/internet- 


BY  JOHN  COX 

In  two  weeks,  South  Carolina  will  find  out  if 
its  educational  wireless  spectrum  is  a  gold 
mine  or  an  albatross. 

On  Jan.  2,  a  recently  created  state  commis¬ 
sion  released  an  RFP  inviting  bids  on  67 
Educational  Broadband  Service  (EBS)  licens¬ 
es,  originally  issued  decades  ago  for  one-way 
analog,  educational  TV  broadcasts  allowing  a 
lecture  to  be  watched  in  multiple  classrooms, 


working  skills  grew  1.1%  in  the  last  part  of  2008. 

“The  fact  is  that  employers  made  mistakes  in 
past  downturns,  huge  miscalculations  in  the 
heat  of  cost-cutting  that  hurt  them  later  on,” 
Foote  said.“Employers  are  obviously  now  aware 
that  continuing  to  invest  strategically  in  IT  skills 
and  labor  is  the  smartest  thing  they  can  possi¬ 
bly  do  to  make  it  to  the  other  side  of  this  reces¬ 
sion  as  stronger,  undiminished  enterprises.”® 


for  example.  There’s  enough  of  this  2.5GHz 
spectrum  not  only  to  cover  nearly  every  square 
inch  of  the  state  but  also  to  shower  5.6  million 
residents  with  multichannel,  wireless  broad¬ 
band  voice,  video  and  data  services. 

All  that  is  possible  because  the  FCC  in  2004 
and  2006  revamped  the  2.5GHz  rules.  One  key 
change  let  EBS  holders  lease  out  as  much  as 
95%  of  their  spectrum,  which  is  rarely  used  for 
See  South  Carolina,  page  30 


South  Carolina  wants  to  repurpose  a  chunk  of  2.5GHz  spectrum  that  FCC  rules 
now  permit  to  be  leased  to  commercial  enterprises.  Shown  are  the  overlapping 
and  contiguous  license  areas  in  two  of  seven  blocks  of  spectrum,  color-coded. 
Statewide  wireless  networks  potentially  could  serve  large  numbers  of  users. 


Wireless  spectrum  plan 
faces  uphill  battle 
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Get  ready  for  high-def  voice 

It  will  be  years  before  it’s  pervasive,  but  preparing  now  will  help 


HD  voice  cautions 

The  quality  of  high-definition  voice  is  better  than  traditional  toll-quality 
voice,  but  it  requires  the  right  gear  and  the  right  network  conditions. 
And  watch  the  price. 


HD  handsets  generally  cost  more 
than  regular  handsets  and  may 
use  more  power.  Annual  licensing 
fees  may  come  into  play. 


The  public  leg  of 
an  HD  voice  call 
can  knock  it  back 
to  toll  quality. 


Codecs  at  endpoints 
need  to  be  compatible  or 
the  phones  negotiate 
down  to  lower  quality. 


BY  TIM  GREENE 

High-definition  voice  —  a  rarity  in  todays 
business  networks  —  is  becoming  more  com¬ 
mon,  so  it  makes  sense  for  corporate  telepho¬ 
ny  executives  to  figure  out  now  how  they  will 
make  the  transition,  experts  say 

IP  PBX  vendors  can  issue  software  upgrades 
to  support  better-quality  voice  calls,  but 
upgrading  handsets  and  getting  service 
providers  onboard  with  the  technology  is  a 
more  complex  proposition  that  needs  to  be 
thought  through,  they  say 

The  benefits  of  HD  or  wideband  voice 
include  an  easier  understanding  of  what  is 
being  said  and  a  more  authentic  reproduction 
of  live  speech,  both  of  which  are  essential  in 
immersive  telepresence  systems  that  generate 
the  illusion  that  conference  participants  are 
seated  across  from  each  other  in  the  same 
room, says  Jerry  Knight,  CTO  of  Accessline,  the 
audio  services  arm  of  video  service  provider 
Telanetix. 

“Video  perhaps  is  not  as  important  as  audio 
in  creating  that  impression  "Knight  says.’Audio 
is  at  least  as  important.” 

The  benefits  of  HD  are  not  so  obvious  in 
voice-only  uses.  But  the  difference  can  be  sig¬ 
nificant  especially  with  speakerphones  and 
when  talking  to  people  with  strong  accents, 
where  every  bit  of  clarity  helps,  says  Jeff 
Rodman,  Polycom  co-founder  and  CTO  of  its 
voice  communication  branch.  “In  these  cases 
we  need  all  the  clues  we  can  get,”  he  says. 

HD  voice  gives  better  quality  than  what  used 
to  be  the  premier  telephony  standard  in  the 
public-switched  telephone  network  —  toll- 
quality  voice. 

HD  voice  generates  frequencies  at  the  high 
end  of  human  speech  that  toll-quality  voice 
cuts  off.  In  practical  terms  this  means  being 
able  to  hear  the  difference  between  words 
such  as  “pig”  and  “fig”  without  asking  whether 
that’s  a  p  as  in  Peter  or  an  f  as  in  Frankenstein. 

Wideband  voice  increases  the  top  frequency 
range  covered  by  the  voice  coder-decoders 
(codec)  from  about  4  kHz  to  something  high¬ 
er,  typically  7  kHz,  but  it  can  go  even  higher  to 
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14  kHz  or  20  kHz.  One  consequence  of  this 
wider  band  is  the  need  to  sample  speech 
more  times  per  second  in  order  to  capture 
more  of  its  subtleties.  Rather  than  8,000  times 
per  second,  sampling  jumps  to  48,000  times 
per  second. 

That  means  the  VoIP  phones  supporting  HD 
need  more  powerful  processing  and  memory 
both  of  which  cost  more,  but  with  Moore’s  Law 
applied  to  the  phones,  the  cost  differential  is 
narrowing.  For  example,  Polycom’s  SoundPoint 
IP  501  phone  with  Power  over  Ethernet  (PoE) 
and  three  lines  but  with  no  wideband  support 
costs  $295.  A  roughly  comparable  SoundPoint 
IP  550  with  PoE,  four  lines  and  HD  support 
costs  $369. 

As  Polycom  introduces  HD  phone  models,  it 
is  phasing  out  the  equivalent  narrowband 
phone,  so  eventually  all  its  line  will  support 
wideband  and  remain  backward  compatible 
with  narrowband,  Rodman  says. 

Because  the  endpoints  and  the  networks 
between  the  endpoints  must  both  support 
HD  voice  in  order  for  it  to  work,  most  wide¬ 
band  deployments  are  within  corporations, 
not  between  them, says  William  Bumbernick, 
CEO  of  hosted  VoIP  provider  Alteva.’The  abil¬ 
ity  to  call  a  different  company  on  a  different 
carrier  and  completing  an  HD  call  is  becom¬ 
ing  more  and  more  expected,”  he  says,  but 
“today,  the  chances  are  still  pretty  slim  that 
that  will  happen.” 

If  wideband  voice  is  to  become  a  reality,  car¬ 
riers  must  invest  in  upgrades  to  their  VoIP  net¬ 
works,  and  that  could  take  five  to  10  years, 
Knight  says,  although  Rodman  is  more  opti¬ 
mistic,  estimating  three  to  five  years.  To  estab¬ 
lish  HD  VoIP  calls  using  Session  Initiation 
Protocol,  networks  must  have  the  intelligence 
to  negotiate  the  use  of  HD  codecs. 

Despite  its  advantages,  HD  voice  is  not  for 


everybody.  Companies  that  have  recently 
invested  in  narrowband  VoIP  systems  may 
want  to  wait  until  their  next  upgrade  cycle, 
Bumbernick  says.  And  if  they  are  just  moving 
to  VoIP  but  have  doubts  about  whether  their  IP 
networks  will  support  it,  they  should  invest  in 
network  upgrades  first  and  foremost,  he  says. 

But  for  companies  that  have  VoIP  and  are 
looking  to  refresh  their  gear,  HD  may  be  a  wise 
investment,  he  says.  If  the  new  voice  system  is 
slated  for  an  eight-  to  10-year  life,  it  makes 
sense  to  have  it  HD-capable.  “You’re  best 
served  to  choose  technology  that  will  get  you 
as  far  down  that  eight-to  10-year  path  as  possi¬ 
ble,”  he  says. 

Once  the  IP  PBX  supports  HD,  companies 
can  upgrade  their  handsets  incrementally  to 
support  wideband,  Bumbernick  says.  Key 
executives,  for  example,  who  would  benefit 
from  clearer  calls  could  get  the  more  expen¬ 
sive  HD  phones  now,  while  others  keep  nar¬ 
rowband  handsets. 

Adhering  to  HD  codec  standards  is  essential 
if  businesses  hope  to  share  the  improved 
experience  with  partners  they  talk  to.  There 
are  several, such  as  G.722,G.722.1  and  G.722.2, 
all  of  which  produce  wideband  voice  but 
require  different  amounts  of  network  band¬ 
width  to  send  their  encoded  signals  — 
64Kbps,  24Kbps  and  10Kbps,  respectively. 

Similarly,  the  three  codecs  require  differing 
amounts  of  processing  power  —  14  MIPS,  5.5 
MIPS  and  38  MIPS.  So  there  are  trade-offs  that 
vendors  have  to  weigh. 

And  there  are  trade-offs  that  customers  have 
to  make  as  well,  Knight  says.“Except  for  specif¬ 
ic  environments  where  the  need  is  clear,  you 
would  put  HD  voice  in  the  category  of  a  luxu¬ 
ry’  he  says.  “But  if  the  choice  is  between  sys¬ 
tems  that  are  equivalent  in  cost,  then  an  HD 
option  is  something  that’s  nice  to  have.”® 
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Feds:  We  want  our  BlackBerries  too 

FEMA,  other  agencies  award  contracts  for  wireless  services,  smartphones 


MSI 


mm 


WKKKKKKBKBKBSS^M  I 

Going  mobile 

Federal  employees  are  becoming  more  mobile,  but  many  lack  gear  that 
could  make  them  more  productive,  according  to  research  from  the 
Telework  Exchange. 

•  82%  of  federal  workers  say  they  spend  work  time  outside  the  office  each  month. 

•  Federal  employees  who  use  a  smartphone  for  work  purposes  report  an  average  time 
savings  or  productivity  gain  of  54  minutes  per  day. 

•  66%  of  mobile  federal  employees  do  not  have  a  smartphone. 

•  Federal  employees  who  want  a  smartphone  say  it  will  help  them  stay  organized  and 
responsive  (cited  by  69%  of  respondents)  and  remain  connected  on  the  job  (21%). 

•  Federal  agencies  can  justify  issuing  smartphones  based  on  continuity  of  operations 
(61%),  increased  productivity  (59%)  and  support  for  telework  initiatives  (23%),  survey 
respondents  say. 

Source:  Telework  Exchange  survey  of  446  federal  workers  representing  21  agencies. 


BY  CAROLYN  DUFFY  MARSAN 

President  Barack  Obama  isn’t  the  only  U.S. 
federal  government  employee  who  wants  to 
keep  his  BlackBerry  Across  the  federal  market, 
information  workers  are  asking  for  mobile 
devices  such  as  smartphones  and  laptops  with 
wireless  data  cards  so  they  can  access  email 
and  other  Internet  services  while  they  are  on 
the  go. 

Increasingly  federal  agencies  including  the 
Federal  Emergency  Management  Agency 
(FEMA)  and  the  U.S.  Department  of  the  Interior 
are  responding  with  wireless  data  contracts 
worth  tens  of  millions  of  dollars  to  carriers. 

While  sizeable,  these  centralized  purchasing 
vehicles  are  designed  to  save  agencies  money 
compared  with  letting  field  offices  buy  their 
own  cell  phones  and  wireless  data  plans. 

In  addition,  federal  agencies  are  asking  wire¬ 
less  carriers  to  help  them  monitor  the  security 
of  their  mobile  devices  and  maintain  central¬ 
ized  inventories,  which  until  now  have  been 
spotty 

‘Agencies  have  been  paying  a  lot  for  wireless 
services  because  they’re  buying  them  in  a 
highly  decentralized  wa^’  says  Warren  Suss,  a 
Jenkintown,  Pa.,  consultant  specializing  in  the 
federal  IT  market.“Not  only  is  that  costing  them 
a  lot,  but  agencies  are  losing  visibility  and 
unable  to  keep  track  of  their  inventories. That’s 
why  agencies  are  trying  to  aggregate  their  pur¬ 
chases  of  wireless  devices.” 

For  example,  AT&T  announced  Monday  that 
it  was  awarded  a  series  of  wireless  voice  and 
data  contracts  from  FEMA  that  could  be  worth 
up  to  $50  million  over  the  next  five  years. 

AT&T  said  it  will  deliver  secure,  reliable  wire¬ 
less  data  and  voice  communications  to  FEMAs 
6,600  employees,  who  are  responsible  for  coor¬ 
dinating  the  federal  government’s  disaster 
response  and  recovery  operations. 

“What  you’re  seeing  here  with  the  FEMA 
acquisition  and  those  by  other  agencies  is  that 
they’re  looking  for  the  benefits  of  centralized 
purchasing  and  management  of  their  wireless 
devices, ’’Suss  said. “Agencies  are  getting  the  ven¬ 
dor  community  to  do  special  things  for  them 
like  have  a  single  800  number  for  a  help  line.” 

AT&T  will  provide  FEMA  with  its  Laptop- 
Connect  wireless  cards,  BlackBerry  8820  smart¬ 
phones  and  3G  LG  CU405  units,  which  provide 
Push-to-Talk  capabilities  for  first  responders. 
AT&T  will  provide  wireless  connectivity  on  its 
W'i-Fi  and  EDGE  wireless  networks. 

‘AT&T  has  a  nationwide  footprint,  and  FEMA 
needs  to  have  that,”  says  Joe  O’Bryan,  a  vice 
president  with  AT&T  Government  Solutions. 
“FEMA  was  looking  for  rapidity  of  response  in 
a  crisis,  and  we  have  the  capacity  to  handle 
their  demands.” 

AT&T  was  awarded  the  FEMA  contracts 


through  a  competitive  bid  on  Dec.  17,  but  an¬ 
nounced  them  Monday  AT&T  already  has  set 
up  a  wireless  Cell  on  Wheels  system  at  FEMAs 
headquarters  in  Mount  Weather, Va. 

“We’re  providing  four  bars  of  service  all  over 
that  campus,”  O’Bryan  says.  “That  was  just  to 
demonstrate  how  fast  AT&T  could  act  for 
FEMA.” 

AT&T’s  FEMA  win  comes  on  the  heels  of  a 
centralized  wireless  contract  that  the  Depart¬ 
ment  of  the  Interior  awarded  to  Verizon  Busi¬ 
ness  last  summer. 

Verizon  is  helping  the  department  manage 
and  track  expenses  for  more  than  22,000  mo¬ 
bile  devices.  The  Verizon  deal  could  be  worth 
as  much  as  $15  million  over  the  next  five  years. 

Verizon  is  providing  expense-management 
services  for  mobile  phones,  personal  digital 
assistants  and  other  wireless  devices  used  by 
the  Department  of  Interior  and  its  bureaus, 
which  include  the  National  Park  Service,  the 
U.S.Fish  and  Wildlife  Service  and  the  Bureau  of 
Land  Management. 

The  department  awarded  the  contract  so  it 
can  figure  out  where  all  of  its  wireless  devices 
were  deployed  and  how  much  it  was  spending 
on  wireless  services. 

Verizon  will  track  devices  from  all  wireless 
providers,  while  providing  around-the-clock 
help  desk  support  to  the  agency’s  employees. 
The  subcontractor  on  the  deal  is  ProfitLine, 
which  provides  telecom  expense  manage¬ 
ment  services. 

“The  Interior  deal... was  ahead  of  the  rest  of 
the  government,”  Suss  said.  “They  did  it  right. 
They  saved  a  lot  of  money,  and  they  have  better 
visibility  and  more  management  controls.” 

Meanwhile,  AT&T  said  it  is  providing  wireless 


devices  and  services  to  the  Internal  Revenue 
Service  and  the  U.S.  Postal  Service. 

“2008  was  a  very  strong  year  for  mobile  appli¬ 
cations,”  said  Rick  Zambrano,  vice  president  of 
Defense  Department  sales  for  AT&T  Govern¬ 
ment  Solutions,  in  a  recent  interview.“We  know 
that  the  federal  government  is  a  mobile  work¬ 
force,  with  91%  of  federal  employees  having 
worked  away  from  the  headquarters  office  at 
one  point  or  another.  Telework  has  been  a 
buzzword  that’s  been  in  the  federal  govern¬ 
ment  for  many  years,  but  from  a  wireless  per¬ 
spective  it’s  becoming  more  of  a  realityf 

Zambrano  said  AT&T  is  providing  around 
4,000  wireless  cards  to  the  IRS  that  its  inspec¬ 
tors  use  to  access  e-mail  and  internal  Web 
pages  through  a  secure  virtual  private  network 
also  operated  by  AT&T. 

‘All  of  these  Aircards  were  bought  during 

2008, ”  Zambrano  said.  “Now  that  IRS  is  getting 
used  to  this  idea,  they  can  see  their  productivi¬ 
ty  is  going  through  the  roof. . . .  Now  they  can 
think  about  other  mobile  applications  like  con¬ 
tent  distribution  and  video.” 

AT&T  also  has  sold  5,500  BlackBerry  devices 
to  the  U.S.  Postal  Service,  which  is  using  them 
for  e-mail  as  well  as  newer  applications  such  as 
fleet  management,  Zambrano  said. 

“Field  force  automation  is  a  critical  issue  for 
federal  agencies  that  are  trying  to  do  more 
with  less,” Zambrano  said. “The  issue  is  how  do 
you  get  your  people  to  become  more  produc¬ 
tive?  How  do  you  recruit  and  retain  top  talent? 
Wireless  technology  is  a  real  hot  button  with 
young,  talented  workers.” 

Suss  predicts  that  more  federal  agencies 
will  award  large,  centralized  wireless  deals  in 

2009. B 
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VMOps  aims  to  ease  cloud  setups 

Start-up  offers  cloud-computing  infrastructure  stack,  built  like  “EC2  in  a  box” 


BY  JOHN  FONTANA 

Building  a  cloud  computing  infrastructure 
can  be  a  complicated  endeavor,  but  stealth 
start-up  VMOps  hopes  to  provide  a  silver  lining 
with  its  all-in-one  infrastructure  software  that 
lets  service  providers  or  corporations  deploy 
and  host  their  own  clouds. 

Cloud  hype  revolves  around  moving  applica¬ 
tions  to  the  cloud,  attaching  to  the  cloud,  or 
integrating  with  the  cloud,  but  what  gets  little 
attention  is  what’s  required  to  build  and  main¬ 
tain  the  infrastructure  that  defines  the  cloud. 

VMOps  says  it  is  expensive  but  doesn’t  have 
to  be. 

Later  this  year,  VMOps  will  introduce  its 
VMOps  Cloud  Stack,  which  is  a  single  platform 
with  all  the  software  needed  for  deploying  a 
cloud  infrastructure.  The  company  says  it  will 
transform  building  and  maintaining  a  cloud 
platform  from  a  Herculean  effort  into  a  man¬ 
ageable  task. 

The  VMOps  Cloud  Stack  runs  on  commodity 
x86  hardware  and  includes  a  multitenant 
hypervisor  based  on  Xen  that  encompasses 
VMOps-developed  network  management  and 
storage  layers. The  result  is  an  “elastic  comput¬ 
ing  service,”  an  environment  subscribers  can 
expand  and  contract  at  will. 

Cloud  computing’s  best  known  implementa¬ 
tion  is  Amazon’s  Elastic  Computer  Cloud 
(EC2),but  Microsoft, Google, Sun  and  IBM  also 
are  building  cloud  infrastructures  and  services. 

VMOps’  vision  is  that  its  stack  will  allow  ser¬ 
vice  providers  to  easily  create  hosted  and  vir¬ 
tual-private  elastic  cloud  platforms,  or  corpora¬ 
tions  and  universities  to  build  on-premises 
cloud  platforms  that  host  services  and  offer 
users  flexibility  without  sacrificing  IT  control. 

“We  are  able  to  provide  a  one-stop  shop,” says 
Sheng  Liang,  who  founded  VMOps  just  more 
than  a  year  ago. “All  the  software  is  from  us  and 
is  built  with  off-the-shelf  technology  right  down 
to  the  hypervisor’’ 

Liang  is  no  stranger  to  new  technology  He 
developed  the  Java  Virtual  Machine  at  Sun,  co¬ 
founded  Teros  Networks  (which  was  acquired 
by  Citrix),and  was  on  the  senior  management 
teams  at  Seven  Networks  and  Openwave  Sys¬ 
tems,  where  he  helped  develop  software  prod¬ 
ucts  for  wireless  operators  and  wire-line  ser¬ 
vice  providers. 

The  VMOps  platform  is  grounded  in  what  the 
company  calls  its  multitenant  hypervisor, 
which  installs  on  bare  metal  hardware.  It  also 
includes  the  VMOps  Cloud  Server,  which  can 
manage  thousands  of  servers  running  in  the 
VMOps  multitenant  hypervisor. The  server  also 
provides  service-level  monitoring,  high  avail¬ 
ability  and  load  balancing  along  with  a  user 
GUI  and  back-office  integration  hooks. 

“We  have  a  sort  of  hardened,  improved  ver¬ 


sion  of  Xen,  and  then  on  top  of  that  we  built 
storage  and  network  virtualization  and  then 
added  management  capabilities  on  top  of  all 
that,”  Liang  says. The  hypervisor  supports  isola¬ 
tion  of  CPU,  memory,  storage  and  network 
resources  for  virtual  servers,  and  the  hypervisor 
includes  custom  code  so  it  can  handle  net¬ 
work  and  storage  virtualization. 

With  the  storage  virtualization,  the  platform 
supports  storage-area  networks,  network- 
attached  storage,  direct-attached  storage  and 
even  local  disk. 

On  the  network  side,  VMOps  has  developed 
technology  for  virtual  LAN  functionality  and 
private  networking. 

Management  tools  provide  functionality  to 
define  service  offerings,  integrate  with  back- 
office  systems,  manage  user  accounts  and  gen¬ 
erate  billing  records. 

The  user  self-service  features  allow  users  to 


BY  ROBERT  MCMILLAN,  IDG  NEWS 
SERVICE 

Is  the  worsening  economic  situation  going 
to  turn  some  employees  into  data  thieves? 

That’s  a  top  concern  among  IT  decision 
makers,  many  of  whom  say  that  laid-off 
employees  are  the  biggest  security  threat  cre¬ 
ated  by  the  economic  downturn.  In  a  McAfee- 
sponsored  worldwide  survey  (registration 
required)  of  1,000  IT  decision  makers,  the 
company  found  that  42%  of  respondents  felt 
that  laid-off  employees  represented  the 
biggest  IT  security  threat  caused  by  the  reces- 
sion.That’s  more  than  were  worried  about  out¬ 
side  intruders.  And  36%  said  that  they  were 
worried  about  security  problems  caused  by 
employees  in  financial  stress. 

Crime  rates  spike  during  hard  times,  and 
with  thousands  of  workers  being  laid  off  each 
week  now,  there  may  be  an  added  incentive 
for  employees  shown  the  door  to  take  intel¬ 
lectual  property  with  them  to  bolster  their 
chances  of  getting  hired  with  a  competitor,  to 
use  with  a  start-up  company  of  their  own,  or 
maybe  even  to  sell. 

“The  economic  downturn  across  the  board 
is  going  to  provide  additional  motivation  for 
people  who  would  want  to  do  harm, ’’said  Seth 
Bromberger,  an  information  security  manager 
with  PG&E  in  San  Francisco.  “It’s  on  a  lot  of 
people’s  radar  right  now? 

According  to  Bromberger,  companies  that 


register  for  services,  import  and  provision  virtu¬ 
al  machine  instances, and  launch  and  manage 
virtual  environments. 

“We  tried  to  build  EC2  in  a  box,”  says 
Shannon  Williams,  VMOps’s  head  of  sales  and 
marketing.  “The  whole  package  makes  this  by 
far  the  cheapest  way  to  get  going  with, say  500 
virtual  machines  running  on  a  rack.” 

VMOps  plans  initially  to  target  its  platform  at 
service  providers.  The  company  has  yet  to 
announce  pricing  for  the  platform,  which  is 
now  in  beta  and  likely  to  ship  by  year-end. 

The  technical  specifications  for  the  platform 
include  a  Dell  PowerEdge  1950/2950  server  or 
an  equivalent;  direct-attached  storage  in  the 
form  of  a  Dell  PowerVault  MD 1000/3000  or 
equivalent;  a  network  switch  such  as  the  Cisco 
3750-E  or  a  compatible  Gigabit  Ethernet 
Switch  with  a  10G  uplink;  and  a  Cisco  ASA 
5500  series  firewall.  ■ 


have  their  employee  exit  processes  in  order 
have  less  to  fear  from  laid-off  workers.  It’s  just 
that  with  the  current  economic  squeeze,  peo¬ 
ple’s  motivation  may  be  changing. 

Layoffs  can  fray  employee  loyalty,  and  there 
certainly  is  money  to  be  made  selling  all  kinds 
of  corporate  data. 

Last  August,  Rene  Rebollo,a  financial  analyst 
with  subprime  mortgage  broker  Countrywide, 
was  arrested  by  the  U.S.  Federal  Bureau  of 
investigation  for  allegedly  selling  Excel 
spreadsheets  containing  customer  informa¬ 
tion  for  about  two-and-a-half  cents  per  record. 
Over  a  two-year  period  he  may  have  made 
$70,000  from  the  scam,  the  FBI  said. His  annu¬ 
al  salary  was  $65,000. 

According  to  court  filings,  Countrywide  had 
security  software  that  disabled  the  use  of  USB 
drives  on  its  PCs.  But  Rebollo  found  one  PC 
that  didn’t  have  the  software  and  was  able  to 
download  about  20,000  records  each  week 
onto  his  personal  thumb  drive,  which  he’d 
later  e-mail  to  a  buyer,  the  FBI  said. 

USB  drives  are  one  of  the  most  underesti¬ 
mated  sources  of  data  leaks, says  McAfee  CEO 
Dave  DeWalt.“For  $100  you  can  buy  a  100GB 
drive,”  he  said.  “100GB  can  be  the  entire  cus¬ 
tomer  base  for  an  entire  large  company 

An  economic  slowdown  can  create  other 
computer  security  problems  too.  As  business¬ 
es  fail  and  are  bought,  that  churn  can  lead  to 
management  chaos  within  IT  groups.  ■ 


With  economic  slump, 
concerns  rise  over  data  theft 
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Broadband  stimulus:  aimed  at  wrong  target? 


NET  INSIDER 

Scott  Bradner 


President  Obama  is  not  happy  that  the 
United  States  is  ranked  1 5th  in  the 
world  in  broadband  adoption  and 
wants  to  fix  things  as  part  of  his  big  eco¬ 
nomic  stimulus  package.  But  it’s  not  clear 
that  the  type  of  approach  in  the  current 
draft  bill  will  help  improve  the  U.S.  ranking 
all  that  much.  Part  of  the  problem  is  that  the 
ranking  is  misleading. 

The  ranking  comes  from  the  Organization  for 
Economic  Co-operation  and  Development 
(OECD). The  OECD  report  from  last  summer 
lists  the  United  States  as  15th  in  broadband  subscribers  per  100  inhab¬ 
itants.  But  there  are  reasons  to  say  that  the  United  States  should  be 
ranked  even  lower. 

There  are  a  lot  of  statistics  on  the  OECD  Web  site  about  broadband 
usage  in  various  countries.  Let’s  start  with  the  OECD’s  definition  of 
broadband,  which  is  any  Internet  connection  with  a  download  speed 
of  256Kbps  —  hardly  high  speed  these  days. The  United  States  shows 
up  as  having  an  average  advertised  download  speed  of  8.8Mbps,  14th 
in  the  world,  but  there  are  a  lot  of  places  where  getting  an  actual 
256Kbps  would  be  a  rare  event. 

The  best  in  the  world  is  Japan  with  an  average  advertised  speed  of 
93Mbps  followed  by  France  and  Korea,  both  of  which  are  at  more 
than  40Mbps. The  United  States  looks  rather  wimpy  in  comparison. 

The  key  statistic  that  points  to  why  the  president’s  plan  may  not  help 
a  whole  lot  is  the  fact  that  the  United  States  ranks  1 1th  in  terms  of 
monthly  price  per  megabit  —  $12.60. 

This  compares  rather  poorly  with  Japan  and  France  at  under  $4  per 
month. 


The  Pew  Internet  &  American  Life  Project  just  published  the  results 
of  two  surveys  on  Internet  connectivity  it  ran  over  the  last  year. This 
report  shows  that  not  many  people  are  blocked  from  getting  broad¬ 
band  Internet  access  because  it  is  not  available  in  their  area.There  is 
no  question  that  there  are  big  parts  of  the  country  where  broadband 
access  cannot  be  obtained  unless  you  are  willing  to  use  a  satellite  ser¬ 
vice.  It  is  hard  to  tell  in  how  much  of  the  country  this  is  true  because 
of  the  poor  statistics  the  FCC  has  been  collecting. 

The  Pew  report  says  that  some  people  (more  than  15%)  have  no 
interest  in  getting  online.  Another  6%  think  the  price  is  too  high,  and 
5%  have  usability  problems.The  president’s  plan  is  unlikely  to  change 
these  numbers  much. 

The  current  draft  of  the  broadband  part  of  the  stimulus  package 
focuses  on  providing  grants  to  companies  that  are  willing  to 
deploy  wireless  or  wired  broadband  in  underserved  areas. The  bill 
mandates  open  access  to  any  services  that  result  from  such 
grants. 

But,  if  the  report  is  correct,  the  stimulus  money  and  open  access 
policies  might  only  result  in  a  few  percent  of  additional  broad¬ 
band  users  in  the  United  States.  Figuring  out  how  to  get  more 
competition  into  the  picture  so  that  prices  could  come  down 
might  yield  a  greater  return. 

Disclaimer:  Competition  does  not  bring  down  prices  in  all  areas,  for 
example  university  fees  (although  Harvard  has  an  aggressive  aid  pro¬ 
gram  to  offset  the  fees  for  many  students).  Harvard  has  not  comment¬ 
ed  on  broadband  stimulus  package  options,  so  the  above  is  my  obser¬ 
vation. 

Bradner  is  Harvard  University’s  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 


The  tangled  web  of  universal  broadband 


Regular  readers  are  probably  familiar  with 
my  opinion  on  universal  broadband  ser¬ 
vice,  but  for  anyone  who’s  missed  out,  it’s 
pretty  simple:  Love  the  idea,  but  fear  the  devil 
is  in  the  details.  Specifically  I’m  talking  about 
the  details  about  who  is  going  to  pay,  what 
they’re  paying  for  and 
how  the  money  is  to  be 
collected.  And  then 
there’s  the  question  of 
who’s  going  to  build  out 
the  infrastructure. 

Because  universal 
broadband  is  a  key  ini¬ 
tiative  of  the  new  administration,  here’s  an  early 
look  at  current  thinking.There  are  two  bills  that 
differ  in  two  key  respects: The  House  bill  pro¬ 
poses  an  investment  of  roughly  $6  billion,  while  the  Senate  bill  is  for  $8 
billion;  and  the  House  bill  earmarks  roughly  half  of  the  funds  to  be 
administered  by  the  Rural  Utility  Service.  Both  bills  call  for  net  neutrali¬ 
ty  requirements  for  infrastructure  providers  (a  bit  tricky  because  there’s 
no  agreed-on  definition  of  net  neutrality). 

Then  there’s  the  open  question  of  what  role,  if  any  the  Universal 
Service  Fund  will  play  Both  bills  tacitly  acknowledge  the  USF  has 
been  a  disastrous  failure,  both  in  philosophy  and  execution.  As  I’ve 
noted  previously  the  USF  managed  to  subsidize  both  the  Gambino 
crime  family  and  Wyoming  billionaires.  And  the  fund’s  basic  design 
was  totally  whacked:  It  operated  as  a  tax  on  telcos,  which  passed 
along  the  fees  to  their  customers  —  meaning  that  people  who  were 
paying  full  costs  for  telephone  services  were  being  asked  to  pay 
again,  while  the  actual  users  didn’t  need  to  pay 


Happily,  both  bills  seem  to  conceive  of  an  entity  other  than  the  cor¬ 
rupt,  poorly  managed  and  poorly  architected  USF  handling  the  job.  So, 
how  is  this  likely  to  play  out? 

First,  proponents  tend  to  believe  that  $6  billion  isn’t  nearly  enough 
money.  Gigi  Sohn,  a  well-known  communications-policy  lawyer  with 
whom  I  served  on  a  panel  recently,  says  the  real  cost  of  implementing 
universal  broadband  is  closer  to  $20  billion;  oth¬ 
ers  say  closer  to  $200  billion.  If  they’re  right,  the 
investment  is  unlikely  to  be  effective  in  reaching 
the  goal  of  truly  “universal”  broadband. 

If  the  net  neutrality  provision  is  passed,  univer¬ 
sal  broadband  proponents  may  discover  that  car¬ 
riers  aren’t  interested  in  a  build-out  under  those 
terms.That  may  not  be  the  end  of  the  world  — 
municipalities  and  state  and  local  governments 
could  fill  the  breach  despite  their  previous  prob¬ 
lems  with  Wi-Fi.  Running  Internet  access  as  a 
direct  public  service  —  rather  than  attempting  to  create  a  business 
case  where  none  exists  —  may  be  the  exact  right  answer  here. 

The  problem  —  and  it’s  a  biggie  —  would  be  how  to  convince  carri¬ 
ers  to  take  the  traffic  from  the  access  providers,  and  at  what  price.  As 
I’ve  documented  previously,  demand  for  Internet  service  is  increasing 
exponentially,  yet  carriers  don’t  make  money  transporting  it. That 
comes  back  to  the  question  of  peering  agreements  —  something  uni¬ 
versal  broadband  proponents  have  yet  to  tackle. 

The  upshot?  Making  universal  broadband  happen  may  prove  harder 
than  merely  proposing  it. 

Johnson  is  president  and  senior  founding  partner  at  Nemertes 
Research,  an  independent  technology  research  firm.  She  can  be  reached 
at  johna@nemertes.com. 


EYE  ON  THE 

CARRIERS 

Johna  Till  Johnson 


If  the  net  neutrality  provi¬ 
sion  is  passed,  universal 
broadband  proponents 
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out  under  those  terms. 
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TECH  UPDATE 

An  inside  look  at  technologies  and  standards 


Seven  security  industry  secrets 


What  you  don’t  know  can  hurt  you 

BY  JOSHUA  CORMAN 

Do  you  ever  get  the  feeling  your  security  providers  are  failing  to  tell 
you  the  whole  truth?  We  entrust  the  industry  to  protect  us  from 
unacceptable  risk.  But  we  must  confront  the  underlying  truth:  The 
goal  of  the  security  market  is  to  make  money 


Here  are  the  seven  dirty  secrets  of  the  secu¬ 
rity  industry  and  practical  ways  to  command 
honesty  from  your  trusted  security  providers. 

1.  Antivirus  certification  omissions.  The  dirt¬ 
iest  secret  in  the  industry  is  that,  while 
antivirus  tools  detect  replicating  malicious 
code  such  as  worms,  they  do  not  identify  mal- 
code  such  as  nonreplicating  Trojans.  So,  even 
though  Trojans  have  been  around  since  the 
beginning  of  malicious  code,  there  is  no 
accountability  in  antivirus  certification  tests. 
Today  Trojans  and  other  forms  of  nonreplicat¬ 
ing  malcode  constitute  80%  or  more  of  the 
threats  businesses  are  likely  to  face.  Antivirus 
accountability  metrics  are  simply  no  longer 
reflective  of  the  true  state  of  threat. 

2.  There  is  no  perimeter.  If  you  still  believe  in 
the  perimeter, you  may  as  well  believe  in  Santa 
Claus.  That  isn’t  to  say  there  is  no  perimeter, 
but  we  need  to  define  what  it  is.The  endpoint 
is  the  perimeter,  the  user  is  the  perimeter.  It’s 
more  likely  that  the  business  process  is  the 
perimeter,  or  the  information  itself.  If  you 
design  your  security  controls  with  no  base 
assumption  of  a  perimeter,  when  you  have  one 
you  are  more  secure.  The  mistake  we  tend  to 
make  is  that  if  we  put  the  controls  at  the 
perimeter,  then  we  will  be  fine.  For  many 
threats,  we  couldn’t  be  more  wrong. 

3.  Risk  management  threatens  vendors.  Risk 
management  really  helps  an  organization 
understand  its  business  and  its  highest  level  of 
risk.  However,  your  priorities  don’t  always  map 
to  what  the  vendors  are  selling.  Vendors  focus 
on  individual  issues  so  you  will  continue  to 
buy  their  individual  products.  If  you  don’t  have 
a  clear  picture  of  your  risk  priorities,  vendors 
are  more  than  happy  to  set  them  for  you. 
Trusted  security  partners  will  provide  options 
for  assessing  your  risk  posture  and  help  you 
develop  plans  to  make  the  most  security 
impact  for  the  least  cost  and  complexity. 
Security  needs  to  conform  to  and  support  your 

Got  great  ideas? 

88  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you've 
got  one.  and  want  to  contribute  it  to  a 
future  issue,  contact  Editor  in  Chief 

John  Dix  (jdix@nww.com) 


business  priorities.  Too  often,  vendors  want 
your  business  to  conform  to  their  portfolio. 

4.  There  is  more  to  risk  than  weak  software. 
The  lion’s  share  of  the  security  market  is 
focused  on  software  vulnerabilities.  But  soft¬ 
ware  represents  only  one  of  the  three  ways  to 
be  compromised,  the  others  being  weak  con¬ 
figurations  and  people.  The  latter  is  the  largest 
uncovered  area  of  risk. This  is  malicious  code 
that  doesn’t  leverage  a  vulnerability  but  rather 
leverages  the  person  —  for  example,  down¬ 
loading  a  dancing  skeleton  for  “a  spooky  good 
time”  (this  was  a  trick  employed  by  Storm), 
social  engineering,  spear  phishing  and  so  on. 
While  we  still  need  to  find  vulnerabilities  and 

Security  needs  to  conform  to 
and  support  your  business 
priorities.  Too  often,  vendors 
want  your  business  to  con¬ 
form  to  their  portfolio. 

patch  them,  we  must  understand  that  an  orga¬ 
nization  is  only  as  strong  as  its  weakest  link. 
And  more  attention  needs  to  be  paid  in  miti¬ 
gating  the  other  two  ways  beyond  software. 

5.  Compliance  threatens  security.  Com¬ 
pliance  in  and  of  itself  is  not  a  bad  thing,  but  it 
does  not  equal  security.  At  the  very  least  it’s  a 
resource  and  budget  conflict,  and  it  splits  our 
focus.  Compliance  is  supposed  to  raise  the 
minimum  standard  of  security  but  it  just  gets 
us  to  do  what  we  are  required  to  do  and  noth¬ 
ing  else. 

What’s  more,  that  which  is  easy  to  measure  is 
not  necessarily  that  which  is  most  valuable.  So 
if  there  were  15  software  vulnerabilities  last 
month,  we  can  measure  that  12  of  them  have 
been  patched.  It  is  much  harder  to  measure 
how  effective  user  training  was  to  make 
administrators  immune  to  social  engineering 
attacks.  The  lesson  is  you  need  to  be  compli¬ 
ant,  but  your  entire  risk  strategy  cannot  be 
based  on  it. 

6.  Vendor  blind  spots  allowed  for  Storm. 

Storm  is  being  copied  and  improved.  The 
Storm  era  of  botnets  is  alive  and  well,  nearly 
two  years  from  when  it  first  appeared.  There 
are  three  reasons  why  this  is  possible.  First, 


botnets  thrive  in  the  consumer  world  where 
there  is  little  money  for  innovation,  a  fact 
Storm  and  its  controllers  know.  They  are  mak¬ 
ing  money  off  of  everything  from  spam  to 
pump-and-dump  stock  scams.  Second,  they 
eat  antivirus  for  breakfast.  A  lot  of  the  tech¬ 
niques  and  innovations  used  by  Storm  are  not 
new;  they  are  just  being  leveraged  artfully 
against  the  blind  spots  of  antivirus  certifica¬ 
tions  and  antivirus  vendors.  Third,  malcode 
does  not  need  vulnerabilities.  Most  of  the 
Storm  recruitment  drives  have  leveraged 
social  engineering  and  play  off  of  a  holiday  or 
sporting  event. 

7.  Security  has  grown  well  past  “do  it  your¬ 
self.”  Technology  without  strategy  is  chaos. 
The  security  market  is  often  far  too  focused  on 
the  latest  hot  box  or  technology. The  shear  vol¬ 
ume  of  security  products  and  the  rate  of 
change  has  super-saturated  most  organiza¬ 
tions  and  exceeded  their  ability  to  keep  up. 
Organizations  realize  only  a  fraction  of  the 
capabilities  of  their  existing  investments. 
Furthermore,  the  cost  of  the  product  is  often  a 
fraction  of  the  cost  of  ownership.  There  was  a 
time  when  you  could  “do  it  yourself.”  But  the 
simple  days  of  “virus  meets  antivirus”  are  long 
gone.  Highly  effective  organizations  are 
embracing  professional  and  managed  securi¬ 
ty  services  to  extend  and  augment  their  in- 
house  expertise.  By  focusing  your  in-house 
expertise  on  what  you  know  best  —  your  busi¬ 
ness  —  scale  comes  from  teaming  with  third- 
party  expertise.  This  will  be  increasingly  nec¬ 
essary  in  these  tough  economic  times. 

The  primary  goals  for  executives  over  the 
next  few  years  is  to  cut  cost  and  reduce  com¬ 
plexity.  Today  we  are  seeing  a  massive  conver¬ 
gence  in  the  security  market.  There  are  only 
going  to  be  a  few  large  players  left  and  a 
bunch  of  smaller  players.  Will  consolidation 
lead  to  better  efficiency,  or  will  it  lead  to  ven¬ 
dor  lock-in? 

As  executives  simplify,  they  will  face  many 
choices.  Simply  reducing  vendors  may  fail  to 
balance  cost,  complexity  and  risk.  Vendors 
have  a  responsibility  in  this  equation  and  must 
rise  to  the  challenge.  True  risk  management 
can  show  where  to  prune  solutions,  but  the 
key  is  risk  driven,  responsible  simplification. 

Corman  is  principal  security  strategist  for  IBM 
Internet  Security  Systems. 


This  vendor-written  tech  primer  has  been 
edited  by  Network  World  to  eliminate  prod¬ 
uct  promotion,  but  readers  should  note  it 
will  likely  favor  the  submitter's  approach. 
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Apps  in  the  clouds.  Security  that’s  virtual.  Data  Centers  going  green. 
And  now  an  economy  headed  south.  Need  new  answers?  Ways  to 
do  more  with  less?  Better  direction? 


At  last— some  good  news:  IT  Roadmap  2009. 

It’s  all-new  and  it’s  coming  to  New  York  first  in 
February.  The  premier,  one-day  event  that  combines 
a  professional  conference  and  with  a  private  expo 
focused  on  helping  frontline  IT  pros  succeed  in  10 
crucial  areas: 


1.  Network  Management,  Automation  &  Control 

2.  Securing  the  Network  Core 

3.  WAN  &  Branch  Office  Strategies 

4.  Virtualization 

5.  UC,  VoIP  &  Collaboration 

6.  SaaS,  Cloud  Computing,  &  Managed  Services 

7.  Security  and  Compliance 

8.  Green  IT  Initiatives 

9.  Application  Delivery 

10.  Data  Center  Infrastructure  &  Management 


Qualify  now  and  you  can  join 
us  free!  Sign  up  early  and 
you  can  attend  your  choice  of 
two  fast-paced,  info-rich 
sessions.  Gain  forecasts  from 
the  industry’s  most-followed 
analysts.  Case  histories 
from  successful  end  users. 
Personal  consults  and  rate 
quotes  from  IT’s  key  vendors. 


TiddlyWiki  is  amazing,  fantastic! 

E 


1  very  now  and  then  you  stumble  across  a 
truly  great  idea  and  don’t  get  it  at  first.Then 
l  you  fall  over  the  idea  a  second  time  and 
click!  The  light  goes  on.  Such  was  my  finding 
and  re-finding  of  TiddlyWiki,  a  personal  wiki  sys- 
GEARHEAD  tern  created  by  Jeremy  Ruston. 
iH|  ,  p  '  hh  J  m  not  sure  *  didn’t  have  that  “aha!” 

IViarK  blDDS  moment  when  I  first  found  this  free,  open  source 
software.  Given  the  insane  number  of  products  1 
look  at,  it  probably  was  a  case  of  getting  lost  in  the  noise.  That’s  a  pity 
because  it  turns  out  TiddlyWiki  is  an  amazingly  perhaps  insanely  great 
tool.  In  fact,  I  award  TiddlyWiki  10  out  of  5  —  it’s  that  cool. 

While  I’m  sure  all  of  you  know  what  a  wiki  is,  here’s  a  good  definition 
from  the  Wiki  mother  ship,  Wikipedia: ‘A  wiki  is  a  page  or  collection  of 
Web  pages  designed  to  enable  anyone  who  accesses  it  to  contribute  or 
modify  content,  using  a  simplified  markup  language.” 

TiddlyWiki  takes  a  more  personal  approach  to  wikis  than  most  imple¬ 
mentations  because,  rather  than  servicing  a  group  of  users,  it  provides  a 
private,  singleuser  wiki. 

TiddlyWikis  can  be  used  in  a  number  of  ways,  for  example,  as  an  ele 
gant  and  low-cost  method  for  creating,  distributing  and  collaborating  on 
documentation.  Check  out  Reasoning  Well,  a  TiddlyWiki  that  covers  key 
concepts  in  the  analysis  of  reasoning  for  philosophy  students. You  can 
use  this  TiddlyWiki  online  or  download  it  —  and  that  leads  to  a  key 
attribute  of  TiddlyWikis:  Once  you  have  your  own  copyyou  can  annotate 
and  add  to  it,  making  it  your  own  content  mashup. 

Another  interesting  use  for  TiddlyWikis  is  as  a  tool  for  implementing  a 
Getting  Things  Done  (GTD)  methodology 

If  you  haven’t  come  across  GTD,  it’s  described  by  Wikipedia  as  “an 
action  management  method.”  If  you  have  time-  and  task-management 


problems,  you  might  find  value  in  the  GTD  approach,  as  legions  of 
techies  have.  For  example,  take  a  look  at  43Folders,  essentially  a  fan  site 
for  GTD  and  time/process  management. 

A  central  requirement  of  GTD  is  a  system  for  managing  tasks,  keeping 
research  and  capturing  notes  on  the  stuff  you  need  to  keep  track  of.  Not 
surprisingly  the  simplicity  elegance  and  portability  of  TiddlyWiki  make  it 
a  compelling  choice  for  GTD  adherents. 

TiddlyWiki  is  implemented  as  a  single  file  (without  content,  its  size  is 
just  286KB)  that  combines  JavaScript  code,  cascading-style-sheet  defini¬ 
tions  and  the  wiki  content.  This  creates  a  discrete,  versatile  and  highly 
portable  package  that  runs  on  pretty  much  any  modern  browser  on  any 
operating  system.You  can  store  it  on  a  USB  drive, send  it  via  e-mail, or  use 
it  from  a  Common  Internet  File  System  share  that  can  be  read  only  —  or 
if  you  want  to  update  the  content,  read  and  write. 

TiddlyWikis  are  very  popular  although  they  are  still  a  geek’s  solution  to 
a  lot  of  data  management  problems  because  they  aren’t  really  well  doc¬ 
umented  for  non-techies’  purposes  (although  that  shouldn’t  be  hard  to 
fix). But  here’s  the  opportunity:You  can  get  even  naive  users  comfortable 
with  TiddlyWikis  with  minimal  training  —  the  concepts  are  quite  simple 
and  the  user  interface  can  be  configured  as  you  please. 

TiddlyWiki  is  truly  amazing,  and  you  need  to  try  it  out.  Let’s  get  you  start¬ 
ed:  Go  to  the  TiddlyWiki  download  page.  Then  you  have  two  choices:  to 
save  an  empty  version  (a  barebones  copy  of  TiddlyWiki  without  con¬ 
tent)  locally  or  to  create  a  free  account  on  the  TiddlySpot  server  that 
will  host  a  private  or  public  copy  of  your  wiki. 

Now  this  is  where  it  gets  interesting.  Sorry  I’ve  run  out  of  space, so  next 
week  —  you  guessed  it  —  more  TiddlyWiki. 

Gibbs  is  all  kinds  of  excited  in  Ventura,  Calif.  Get  amped  at  gear- 
head@gibbs.  com. 


Octiv  Air  an  impressive  iPod  streamer 


The  scoop:  Octiv  Air  (M8 12),  by  Altec  Lansing, 
about  $400  (basic  set,  additional  speakers  cost 
$300). 

What  it  is:  The  M812  base  package  of  the 
Octiv  Air  wireless  speaker  system  includes  an 
iPod  docking  station  that  acts  as  a  transmitter, 
COOLTOOLS  and  a  stereo  speaker  (40  watts  per  channel,  two 

channels)  that  acts  as  a  receiver.  In  addition  to 
the  iPod  slot,  the  docking  station  has  an  FM 
radio  receiver,  as  well  as  an  auxiliary  port  for  connecting  non-iPod 
devices,  such  as  a  portable  CD  player  or  other  MP3  player. You  can  add 
a  second  stereo  speaker  (about  $300  through  the  Altec  Lansing  Web 
site),  then  flip  a  switch  for  one  to  act  as  the  “left” 
speaker,  and  the  other  as  the  “right”  speaker. The 
docking  station  also  can  recharge  the  iPod. 

The  system  uses  proprietary  802.1 1-based 
wireless  technology  to  stream  the  music 
from  the  base  station  to  the  speaker  —  Altec 
Lansing  says  it  has  a  range  of  100  feet.  A 
remote  control  includes  buttons  for  volume, 
mute,  bass,  treble,  play/pause  and  next/last 
track,  and  six  presets  for  the  FM  radio. 

Why  it’s  cool:  The  system  is  designed  for 
users  who  want  to  separate  the  location  of 
their  iPod  from  the  speaker  portion  —  the 
tiny  docking  station  can  sit  on  a  desk,  but  the 
speaker  can  be  wall-mounted  or  placed  higher 
up  on  a  bookshelf,  for  example.  In  addition, 
the  system  can  be  expanded  with  extra 
speakers.  The  docking  station  supports 
audio  streaming  to  as  many  as  eight 
speakers.  Only  one  song  can  be 


streamed  to  the  multiple  speakers,  however;  unlike  other  multi-room 
systems,  you  can’t  play  multiple  songs  to  different  rooms  in  the  house. 

1  tested  the  system  in  the  office,  and  the  wireless  range  was  very  good. 
In  two  locations  (separating  the  transmitter  and  the  speaker  by  75  feet 
and  about  100  feet),  I  could  connect  the  system  wirelessly  and  hear  the 
music  without  any  delay  This  included  going  through  several  office 
walls,  so  in  most  homes,  the  wireless  range  wouldn’t  be  a  problem. 

Some  caveats:  The  system  doesn’t  officially  support  the  iPhone,  but 
in  my  tests  I  was  able  to  stream  audio  from  the  iPhone  to  the  wireless 
speaker.  Unfortunately  the  recharging  capability  doesn’t  apply  to  the 
iPhone;  it  works  only  with  iPod  models.  I  could  still  stream  audio 
from  such  music  services  as  Slacker  and  Pandora  on  my  iPhone,  but 
going  over  the  3G  or  Wi-Fi  network  would  eventually  drain  the 
battery  (I  prefer  other  speakers  that  also  can 
recharge  the  iPhone’s  battery  while  using 
those  services). 

At  $400,  the  cost  of  the  system  may  seem 
steep  for  the  benefits  of  having  a  wireless 
streaming  system.  If  being  able  to  play  music 
in  one  location  and  have  the  music 
emanate  from  another  location  appeals  to 
you,  this  is  a  very  impressive  system  and 
worth  a  look.  In  addition,  this  might  be  an 
affordable  way  (compared  with  more 
expensive  multiroom  systems,  such  as 
Sonos)  to  approach  multi-room  audio  if 
you’re  not  worried  about  playing  multiple 
songs  but  just  want  the  same  song  appearing 
everywhere. 

Grade:  ★★★★  (out  of  five) 

Shaw  can  be  reached  at  kshaw@nww.com. 
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World  Class  Web  Hosting 


BY  JAMES  E.  GASKIN 

Laptops  are  the  main  business  tool  for 
most  mobile  workers,  and  connect* 
I  ing  those  devices  to  the  Internet  via 
free  public  Wi-Fi  hot  spots  has  become 
common  practice.  So,  how  well  do  your 
mobile  workers  follow  security  guidelines 
for  safe  mobile  computing? 


Interviews  with  Wi-Fi 
users  at  airports  and 
coffee  shops  reveal  serious 
security  lapses 


To  find  out,  we  went  directly  to  the  source.  We 
visited  airports,  restaurants  and  coffee  shops  and 
asked  people  about  the  security  measures  they 
were  taking  to  protect  their  laptops. 

We  asked  whether  the  laptop  was  personal 
property  or  provided  by  work;  whether  it  was 
being  used  for  personal  or  work  projects;  what 
kind  of  security  training  the  users  had  been 
given;  and  other  details  about  Wi-Fi  use  and 
general  laptop  safety.  Because  we  tracked  no 
personal  details  beyond  the  user’s  first  names, 
people  seemed  open  and  fairly  honest  with 
their  answers. 

The  results  should  scare  any  security  profes¬ 
sional.  Many  users  have  little  idea  which  security 
features  their  laptop 
has,  and  only  vague 
notions  about  safe 
computing  prac¬ 
tices.  Before  we  get 
to  the  real  horror 
stories,  let’s  start 
with  the  users 
who  exhibited 
the  best  Wi-Fi 
behavior. 


Timothy:  B+ 


Every  IT  exec  who  has  laptop  users  on  the  road  would  be  happy  to  hold 
Timothy  up  as  an  example  of  smart  laptop  use.  Sitting  in  the  Los  Angeles  air¬ 
port,  plugging  his  laptop  into  his  cell  phone,  Timothy  did  most  of  the  right 
things  to  protect  laptop  safety. 

“All  the  company  field  service  engineers  have  to  be  A+  certified,”  says 
Timothy,  a  technician  for  a  medical  device  manufacturer.“IT  installs  security 
software  and  we  get  occasional  memos  about  safety  but  we  all  understand 
security  and  are  pretty  careful.” 

Because  the  Los  Angeles  airport  doesn’t  offer  free  Wi-Fi,  Timothy  uses  the 
Sprint  cellular  data  network  through  his  cell  phone.  When  free  Wi-Fi  is  avail¬ 
able,  such  as  in  the  Denver  airport,  for  example,  he  takes  advantage  of  it. 

Checking  his  company  e-mail, Timothy  says  he  has  access  to  aVPN  for  con¬ 
necting  to  the  company  network,  but  wasn’t  using  it  at  the  time.His  employer 
provided  the  Dell  Latitude  D520  running  Microsoft  Windows  XF?but  Timothy 
admitted  using  it  for  personal  business  as  well. 

Timothy’s  laptop  had  a  pass¬ 
word  that  appeared  before  Win¬ 
dows  loaded.  He  wasn’t  sure  if 
that  was  for  a  system-level  pass¬ 
word  or  a  full  disk  encryption 
product. 


See  Hot  spot,  page  26 
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Then  there's  Kurt. CFO  for  a  regional  restaurant  chain. Kurt  loves  free 
Wi-Fi  if  heean  get  it, and  refuses  to  consider  paying  for  any  type  of  cel¬ 
lular  data  network  plan  for  himself  or  any  of  his  users. “If  I  can  get  by 
with  free  Wi-Fi  as  much, as  1  travel, so  can  everyone  else,"  he  says. 

Sitting-in  the  Dallas/Fort  Worth  airport.  Kurt  was  buying  a  single  day 
pass  forTMobile  Wi-Fi  access.  His  Dell  Latitude  630,  company  equip¬ 
ment,  was  running  Windows  XP 

“We  use  a  BlackBerry  or  a  smartphoi re  for  our  e-mail, so  laptop  con¬ 
nections  aren't  that  critical,”  Kurt  says.  He  does  use  his  company  lap¬ 
top  for  personal  projects,  but  answered  with  an  emphatic  “no”  when 
asked  about  online  banking  over  public  Wi-Fi  .‘‘1  can  start  a  VPN  to  our 
company  accounting  server  if  I  need  to,  but  that’s  all  the  connections 
I  have  to  work,”  he  says. 

Kurt’s  refusal  to  consider  using  a  cellular  data  network  from  one 
of  the  major  cell  phone  providers  may  be  an  example  of  a  “looks 
good  but  smells  bad”  business  decision.  When  users  search  for  free 
Wi-Fi  networks,  they  open  themselves  to  a  variety  of  interception 
hacking  techniques,  particularly  if  they  connect  to  an  ad  hoc  net¬ 
work  by  accident. 

Buying  a  couple  of  T-Mobile  day  passes  and  paying  for  three  nights 
of  hotel  Internet  access  during  a  month  will  cost  Kurt  the  same 
amount  as  the  monthly  cellular  data  network  fee.  Users  spending  $60 
on  laptop  connections  per  month  will  benefit  from  a  cellular  data 
network’s  flat  and  predictable  pricing  models,  and  be  at  least  a  bit 
more  secure  than  searching  for  an  open  public  Wi-Fi  network. 


» - 


Rebecca:  D- 


In  a  Panera  Bread  restaurant,  Rebecca  sipped  tea 
while  using  her  Acer  1640Z  laptop  running  Windows 
XPShe  uses  her  personal  laptop  at  both  of  her  jobs  — 
a  hospital  and  a  local  college  where  she  teaches  part 
time. 

Rebecca  uses  public  Wi-Fi  for  email  and  Web  brows¬ 
ing.  She  says  she  doesn’t  have  a  way  to  connect  directly 
to  the  college  network  from  a  remote  location, but  does 
access  several  systems  via  its  Web  interface. 

When  asked  about  her  link  to  the  hospital,  Rebecca 
said, “I  use  sit  something,  like  citrus,  no,  Citrix.”  She  said 
her  hospital  IT  department  installed  the  Citrix  Systems 
software  and  some  security  programs,  but  she  had  no 
idea  what  they  were. 

Here  we  have  a  laptop  going  between  two  heavily 
regulated  industries  demanding  care  with  client 
records,  a  hospital  and  a  college,  and  physi¬ 
cally  and  remotely  connecting  to  each  net¬ 
work.  Rebecca’s  laptop  had  no  physical 
security, such  as  a  system  boot-up  pass¬ 
word  or  any  level  of  disk  encryp¬ 
tion.  The  type  of  information  that 
could  be  easily  accessed  on  that 
laptop  if  it  was 
stolen,  or  the 
data  easily 
intercepted 


5  Wi-Fi  secu  hly  tips 

1.  Always  use  a  personal  firewall  and  up-to-date  security 
software. 

2.  Avoid  all  open  access,  ad  hoc  Wi-Fi  networks. 

3.  When  using  public  Wi-Fi,  use  your  corporate  VPN  for  any 
link  back  to  your  company. 

4.  Make  sure  all  your  traffic  is  individually  encrypted.  Don’t 
use  regular  POP3,  IMAP  or  SMTP  for  e-mails,  but  use 
POP3  over  SSL  (POP3S),  IMAP  over  SSL  (IMAPS)  and 
SMTP  over  SSL  (SMTPS/SMTPTLS). 

5.  Cellular  data  networks  provide  a  slightly  higher  techni¬ 
cal  barrier  than  Wi-Fi  for  snooping,  but  still  use  your  fire¬ 
wall  and  other  precautions. 

SOURCE:  JESPER  JURCENOKS,  CTO  OF  NETVIGILANCE,  WHICH  MAKES  NETWORK  VULNERABILITY  TESTING  SOFTWARE) 


Then  there’s  Brad.  He  proudly  showed  off  his  9-month-old  Dell 
E1405  laptop  running  Windows  XP  as  he  sat  in  a  Panera  Bread 
restaurant  and  used  its  public  Wi-Fi.  He  bought  the  computer 
himself,  but  also  uses  it  as  his  main  computer  at  the  church  he 
works  for.  That  means  everything  he  does  with  his  laptop  at 
Panera  Bread  goes  with  him  to  the  office  and  plugs  directly  into 
his  office  network. 

“1  do  everything  on  my  laptop,”  Brad  says. “E-mail,  blogs,  Web 
research,  check  my  bank  accounts  online,  both  personal  and 
for  the  church.”  He  may  have  realized  the  security  implications 
of  that  statement  when  he  later  said  he  never  lets  his  browser 
save  user  name  and  password  for  Web  sites  he  visits. 

See  Hot  spot,  page  28 
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When  You 
Need  It  Most 


SunGard  Availability  Services  help  your  business  move  forward  with 
the  most  advanced  and  widest  choice  of  information  availability  options  [ 
in  the  industry 

From  virtualization  to  hot  sites  to  replication  and  vaulting— SunGard  Availability  Services 
does  it  all.  And  it's  all  we  do.  That  kind  of  focus  helps  ensure  high  availability  of  data, 
applications  and  systems  and  fits  your  needs  and  budget  precisely. 

When  we  partner  with  you,  you  worry  less  about  the  road  ahead.  Here’s  why: 
a  track  record  of  100%  successful  recoveries;  over  60  facilities  with  redundant 
power  connected  to  SunGard’s  secure  global  network;  and  more  than  20,000  end- 
I  user  positions  in  facilities  across  North  America  and  Europe.  SunGard  Availability 
Services— the  information  availability  solution  for  businesses  that  must  run  non-stop. 
Keep  moving,  call  1-800-468-7483  or  visit  www.availability.sungard.com. 


SUNGARD' 

Availability  Services  Connected \® 


Jay;  G 

Jay  used  his  older  MacBook  running  OS  X  10.5  to  read  e-mails 
while  sitting  at  the  Cafe  Express  restaurant  in  Dallas,  a  busy  Wi-Fi 
hot  spot.  A  self-employed  musician  and  event  planner,  he  doesn’t 
worry  much  about  security  problems  with  public  Wi-Fi  because, 
“It’s  a  Mac.” 

Officially  a  work  computer  Jay  uses  the  device  for  all  personal 
and  work  activities  whenever  he  leaves  his  home  office. 

To  prove  he  was  worried  about  the  loss  of  his  laptop,  Jay 
offered  to  show  us  the  Kensington  laptop  lock  he  had  in  his  com¬ 
puter  bag.  Unfortunately  for  Jay  the  bag  actually  contained  two 
spare  audio  equipment  RCA  cables.  But  Jay  deserves  points  for 
being  more  concerned  about  physical  laptop  safety  than  anyone 
else  we  met. 


wMy  y/jijj  a  Jupiuj j 


1.  Use  a  laptop  label  service  or  laptop  tracking 
service,  or  both. 

2.  When  using  public  transportation,  always 
keep  your  laptop  on  your  lap.  In  2005,  more 
than  4,400  laptops  were  left  in  taxis  in  the  city 
of  Chicago  alone. 

3.  Don't  use  laptop  bags  with  big  logos 
screaming  “expensive  laptop  inside." 

4. To  avoid  seeing  data  from  your  lost  laptop 
appear  on  CNN,  use  full  disk  encryption. 

SOURCE  K  M  BRAND  CO-FOUNOER  OF  LAPTOP  SAFETY  SEMINARS) 


Lessons  learned 

Summing  up,  laptop  users  we  interviewed  seem  unconcerned  about 
security  when  using  public  Wi-Fi  networks.  Those  who  have  work  lap¬ 
tops  still  use  them  for  personal  business,  and  those  who  use  personal 
laptops  for  work  take  few  security  precautions. 

No  one  volunteered  that  they  used  a  firewall,  although  a  few  knew 
they  had  one  when  asked.  No  one  understood  the  amount  of  casual 
and  targeted  Wi-Fi  hacking  that  could  have  been  applied  to  their  com¬ 
munications  during  our  conversation. 

Because  the  majority  of  data  breaches  reported  in  the  news  start  with 
some  type  of  lost  laptop,  we  expected  to  hear  several  people  tell  us 
about  full  disk  encryption  on  their  laptops.  None  did,  although  Timothy 
may  have  full  disk  encryption  and  not  know  it.  None  used  any  type  of 
data  folder  encryption,  either. 

None  of  the  laptop  users  we  interviewed  used  any  type  of  laptop 
labeling  or  tracking  service  to  greatly  increase  the  chances  of  recover¬ 
ing  a  lost  laptop.  Because  nearly  12,000  laptops  are  lost  or  stolen  at  U.S. 
airports  each  week,  the  chances  are  good  a  regular  traveler  will  lose  a 
laptop  before  long.  (Read  a  related  story  about  10  of  the  worst  moments 
in  network-security  history  at  www.nwdocfinder.com/8435.) 

Label  tracking  services  affix  a  permanent  label  to  laptops  with  a 
unique  ID  and  a  toll-free  number  and  URL.  When  someone  finds  a  lost 
laptop,  the  service  arranges  to  ship  the  laptop  back  to  the  owner,  and 
rewards  the  finder.  With  business  laptops  still  in  the  $1,000  to  $1,500 
price  range,  getting  laptops  back  can  save  some  serious  money 

Tracking  services  also  help  return  laptops,  but  focus  on  those  grabbed 
by  thieves.  Hidden  software  “phones  home”  whenever  the  laptop  con¬ 
nects  to  a  network  to  report  its  location.  When  a  laptop  is  reported 
stolen,  the  tracking  service  pinpoints  its  location  and  informs  the  owner, 
local  police  or  both. The  market  leader  in  this  area,  Absolute  Software, 
claims  to  have  returned  more  than  5,000  stolen  laptops,  including  more 
than  200  in  one  week  in  2007. 


Slide  ; 

How  to  protect  yourself  when  using  public  Wi 

www.nwdocfinder.com/8529 


Preaching  abstinence 

As  part  of  our  research,  we  spoke  with  John,  a  security  manager  at 
a  major  financial-services  institution  (names  concealed  for  secu¬ 
rity)  and  asked  about  his  rules  for  company-supplied  laptops. 
They’re  the  harshest  we’ve  seen,  and  would  certainly  surprise  the 
laptop  users  we  interviewed. 

“No  public  Wi-Fi,  ever’’ John  says.“We  use  only  cellular  data  networks 
for  that  extra  bit  of  security  We  block  the  USB  ports  on  the  laptops,  and 
block  the  CD-DVD  drives.  If  you  can  load  a  program,  you  can  get  in¬ 
fected.  When  your  laptop  gets  infected, you  bring  that  infection  to  work.” 

At  a  Starbucks,  we  found  a  user  who  subscribed  to  John’s  abstinence 
theory  He  was  using  his  personal,  older-model  Gateway  laptop. “I  never 
use  wireless  anywhere,”  he  says.“Not  at  home,  not  at  work,  and  certainly 
not  in  public,”  he  said  as  he  plugged  his  power  cord  into  the  wall. 

Of  course,  there’s  a  middle  ground  between  using  public  Wi-Fi  promis¬ 
cuously  and  going  the  abstinence  route.  Users  can  practice  safe  surfing 
by  following  accepted  best  practices  that  include  firewalls,  encryption, 
VPNs  and  physical  security  measures  to  protect  data  in  the  event  that  a 
laptop  is  stolen  or  lost. 
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Gaskin  is  an  author,  consultant  and  speaker  on  technology  for  small 
business.  He  can  be  reached  at  james@gaskin.com. 
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►  Intelligent  Link  Protectors 

►  Smart  Bypass  Switches 

►  Network  Taps 


Instantly  Search  Terabytes  of  Text 


The  Smart  Choice  for 
Text  Retrieval®  since  1991 


♦  dozens  of  indexed,  unindexed,  fielded 
data  and  full-text  search  options 
(including  Unicode  support  for 
hundreds  of  international  languages) 


♦"For  combing  through  large 

amounts  of  data,"  dtSearch  "leads 
the  marker  -  Network  Computing 

♦  dtSearch  "covers  all  data  sources ... 
powerful  Web-based  engines" 

-  eWEEK 


♦  file  parsers  /  converters  for 
hit-highlighted  display  of  all  popular 
file  types 


♦  Spider  supports  static  and  dynamic  web 
data;  highlights  hits  while  displaying 
links,  formatting  and  images  intact 


♦  API  supports  .NET,  C++,  Java,  databases, 
etc.  New  .NET  Spider  API 


♦  "Bottom  line:  dtSearch  manages  a 
terabyte  of  text  in  a  single  index 
and  returns  results  in  less  than  a 
second"  -  InfoWorld 


♦  dtSearch  "searches  at  blazing 
speeds"  -  Computer  Reseller  News 
Test  Center 
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NEWS  ANALYSIS 


South  Carolina 

continued  from  page  14 

its  original  purpose  because  new  modes  of  dis¬ 
tance  learning  now  are  offered  over  IP-based 
broadband  networks. 

It’s  prime  spectrum  real  estate,  in  part 
because  Sprint  Nextel  and  Clearwire  have 
combined  forces  to  buy  or  lease  this  spectrum 
to  roll  out  their  joint  WiMAX  4G  network.  The 
early  results,  in  Baltimore  for  example,  are 
impressive:  multi-gigabit  uploads  and  down¬ 
loads  even  by  mobile  users.  In  mid-2008,  the 
WiMAX  Forum  had  begun  certifying  an  array 
of  Mobile  WiMAX  products  to  access  networks 
in  this  band. 

South  Carolina  nevertheless  faces  an  array  of 
challenges.  The  Sprint-Clearwire  merger  also 
ended  a  rivalry  that  might  have  led  to  a  bidding 
war  for  the  spectrum.  And  the  nation’s  eco¬ 
nomic  meltdown  is  likely  to  lower  what  com¬ 
panies  are  willing  or  able  to  pay  for  it. 

Finally  the  whole  process  could  spark  a  bruis¬ 
ing  and  time-consuming  political  battle  over 
different  visions  of  how  government  and  indus¬ 
try  should  partner  on  a  range  of  broadband 
policy  issues,  from  contract  details,  to  service- 
level  agreements,  to  bridging  what’s  called  the 
digital  divide  between  well-heeled  broadband 
users  and  the  poor. 

The  state’s  wireless  asset 

The  EBS  licenses  are  owned  by  the  South 
Carolina  Educational  Television  Network 
(ETV),a  nonprofit  that  also  runs  11  television 
stations  and  eight  radio  stations.  After  the  FCC 
rules  changes  for  this  class  of  licenses,  ETV 
began  exploring  options  to  lease  the  excess 
capacity  The  state  legislature  created  its  own 
exploration  committee  in  2007,  eventually 
passing  a  bill  to  create  in  late  May  2008  the 
Educational  Broadband  Service  Commission, 
charged  with  developing  a  competitive  pro¬ 
cess  for  leasing  spectrum  assets.  Six  months 
later,  the  RFP  was  ready 

The  commission  deliberately  cast  a  wide  net 
with  the  RFFsays  its  chairman,  Gary  Pfenning- 
ton,  whose  day  job  is  as  managing  partner  of 
his  Columbia-based  law  firm.  “We  were  very 
clear  [that]  we  did  not  want  to  pigeonhole  the 
particular  use  of  the  spectrum,”  he  says. “We’ve 
left  that  wide  open.” 

The  RFP  is  being  promoted  via  SpecEx.com, 
which  is  billed  as  the  first  fully  online,  fully 
automated  exchange  for  buying,  selling  and 
leasing  spectrum  licensed  by  the  FCC.The  site 
was  launched  last  fall  by  start-up  Spectrum 
Bridge,  in  Lake  Mary  Fla. 

Changing  the  spectrum  landscape 

EBS  licenses  are  held  by  such  entities  as  uni¬ 
versities,  schools  and  churches.  The  concept 
dates  from  1963,  when  microwave  spectrum 
was  set  aside  to  send  closed-circuit  TV  broad¬ 
casts  to  multiple  campuses  or  classrooms,  says 
Charles  Spann,  wireless  business  analyst  with 
Connected  Nation, a  Washington,  D.C.  nonprofit 
that  facilitates  public-private  joint  efforts  to 


extend  broadband  reach  and  access. 

There  are  now  20  education-held  channels 
and  another  13  related  commercial  channels 
in  this  spectrum,  according  to  Spann.The  com¬ 
mercial  users,  including  such  companies  as 
People’s  Choice  Television,  were  Wall  Street  dar¬ 
lings  during  the  1980s  and  1990s,  offering  wire¬ 
less  analog  TV  services,  until  digital  signals  and 
satellite  TV  services  scuppered  them. 

Under  the  FCC  rules  changes,  this  entire  spec¬ 
trum  now  is  available  to  be  leased  for  any  num¬ 
ber  of  uses  and  for  wireless  technologies 
including  WiMAX  and  Long  Term  Evolution. 

The  South  Carolina  EBS  licenses  constitute  a 
“huge  amount  of  spectrum,”  Spann  says. “That 
allows  nearly  ubiquitous  coverage  over  the 
state,  and  enough  cumulative  spectrum  to 
build  a  business  plan  around.”  If  Clearwire,  for 
example,  was  successful  only  in  buying  or  leas¬ 
ing  the  commercial  2.5GHz  channels, “it  might 
not  have  enough  to  go  into  big  markets  and 
provide  a  WiMAX  play  that  would  satisfy  the 
needs  of  a  large  population,”  he  says. “But  add 
20  more  [EBS]  channels, and  you’ve  gone  from 
not  having  enough  to  having  more  than  you 
need.”  Under  the  current  FCC  rules,  the  leasers 
are  given  wide  latitude  in  the  kind  of  technol¬ 
ogy  and  services  they  can  offer  in  that  band. 

What  South  Carolina  is  attempting  has  been 
done  in  Milwaukee  on  a  much  smaller  scale. 
There,  Clearwire  a  year  ago  began  offering 
WiMAX  services  based  on  12  broadcast  chan¬ 
nels  it  leased  from  the  University  of  Wisconsin- 
Milwaukee,  Milwaukee  Area  Technical  College 
and  Milwaukee  Public  Schools.  The  company 
paid  each  institution  $4.17  million  upfront  and 
$55,000  per  month.  Each  year,  the  monthly  pay¬ 
ment  will  increase  by  3%.  The  lease  is  for  30 
years,  with  a  renewal  or  cancellation  option  for 
Clearwire  every  10  years. 

A  missed  chance? 

Spann  wonders,  however,  whether  South 
Carolina  has  missed  its  best  chance  for  an 
optimal  deal.  Because  of  the  economic  melt¬ 
down,  coupled  with  the  Sprint-Clearwire 
WiMAX  merger,  the  price-per-megahertz-pop 
on  a  national  average  has  plummeted  from  a 


high  of  about  50  cents  to  fewer  than  4  cents 
today  That  drop  slices  hundreds  of  thousands, 
even  millions  from  the  lease  deals. 

The  other  uncertainty  is  how  advocates,  spe¬ 
cials  interests  and  the  state  legislature  will 
respond  once  the  deadline  for  the  RFP  passes 
at  5  pm  EST  on  Feb.  16.The  specter  of  an  immi¬ 
nent  decision  could  be  crystallizing  efforts  to 
make  major  changes  to  the  process  as  it  stands. 

“Unfortunately  the  [Educational  Broadband 
Service  Commission]  has  defined  its  role  in 
rather  narrow  terms  —  to  auction  off  ETV’s 
excess  spectrum,”  said  Jabrari  Simama,  vice 
president  of  community  development  and 
executive  assistant  to  the  president  at 
Columbia’s  Benedict  College,  writing  in  a  Jan. 
21  op-ed  column  in  “The  State,”  one  of  South 
Carolina’s  biggest  newspapers. 

Taking  sides  in  the  wireless  debate 

Simama  is  no  stranger  to  the  issues  involved 
or  to  the  politics  of  technology:  He’s  the  direc¬ 
tor  of  the  Broadband  in  Cities  and  Towns 
Conference  held  annually  in  Columbia,  and 
the  former  telecommunications  officer  for  the 
city  of  Atlanta  who  co-wrote  the  city’s  2002 
wireless  RFP“[The  commission]  must  realize 
the  great  trust  that  has  been  vested  in  it  to  pro¬ 
tect  and  serve  the  public  good,”  he  wrote  in  the 
op-ed.“It  would  be  a  serious  mistake  to  view  its 
job  merely  as  an  auctioneer  of  the  public’s 
spectrum,  identifying  the  highest  bidder  and 
nothing  more.” 

Simama’s  list  of  other  considerations  is  long, 
and  potentially  politically  combustible.  He 
advocates  among  other  things  “provisions  for 
local  and  minority  participation”  to  create  jobs 
and  promote  diversity,  and  dedicating  a  per¬ 
centage  of  lease  revenues  to  creating  an 
endowment  “devoted  to  eliminating  the  digital 
divide  and  ensuring  that  broadband  is  avail¬ 
able  to  every  citizen  in  the  state.” 

After  this  month’s  deadline  for  RFPs.the  com¬ 
mission  will  evaluate  them  based  on  the  guide¬ 
lines  and  requirements  mandated  by  the  law 
creating  it.  The  commission  will  then  make  a 
recommendation  to  the  state’s  Joint  Bond 
Review  Committee.  ■ 
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Mr.  Gibbs,  I  am  now  in  control 


First  this  week  I  wanted  to  correct  some¬ 
thing  I  wrote  last  week:  I  discussed  the  tech¬ 
nique  of  “freezing”  PCs  to  prevent  malware 
changes  and  mentioned  a  previous  version  of 
Faronics’  Deep  Freeze  had  been  hacked. The 
current  version,  which  has  been  out  for  four 
years,  has  not  been  hacked.  Faronics  also  has 
an  enterprise  version. 

So,  where  was  1?  Oh  yes,  talking  about  mal- 
ware.The  reader  feedback  continues  to  . . . 

Zdravstvujtye!  So,  my  friend,  you  thought  you  were  going  to  be  read¬ 
ing  the  Backspin  column.  Ha!  You  read  about  Gibbs' malware  problems 
in  Gearhead  and  Backspin,  da?  And  you  read  about  how  he  got  rid  of 
his  little  problem?  Well,  not  so  fast,  Mister  Gibbs!  As  you  Americans  say 
All  your  base  are  belong  to  us!’ 

Mister  Gibbs  should  know  there  really  is  no  substitute  for  the 
‘nuclear’ option  (you  Americans  are  so  amusing  with  your  catch 
phrases  and  ‘sound  bytes’).  Like  we  say  in  my  country,  14s  you  make 
your  bed,  so  you  will  sleep.’ Well,  I  think  Mr.  Gibbs  is  maybe  not  sleep¬ 
ing  too  well. 

Now  it  is  time  to  introduce  myself.  I  am  Vladimir  —  Vlad  to  my  friends 
—  but  to  Mr.  Gibbs  1  am  Mr.Vlad,  and  he  owes  me  money.  Yes,  for  his 
mistake  of  not  cleaning  out  my  little  friend  completely,  1  will,  as  we  say 
in  my  country,  ‘Pokazat,’ gde  raki  zimuyut’ (literally  ‘have  to  show  where 
the  lobsters  spend  winter  ’ —  it  means  punish,  but  we  have  a  lobster 
thing).  Let  me  tell  you  a  little  story  about  how  this  works. 

In  the  three-ninth  kingdom  ('V  tridevyatom  tsarstve,’  which  is  like  your 
‘once  upon  a  time),  my  little  friend  got  into  Gibbs’ computer  from  one 
of  the  Web  sites  he  visited  or  from  some  ‘interesting’  piece  of  software 
he  installed. 


There  are  other  ways  as  well,  but  we  need  not  discuss  how  they 
work,  but  I  will  tell  I  have  zero-day  exploit  I  purchase  off  my  friend  Kiri 
that  it  is  better  to  remain  my  little  secret  (this  cost  me  a  hundred  thou¬ 
sand  credit  cards,  which  was  a  lot,  but  what  I  got  from  Heartland  Credit 
Systems  was  much  greater ...  so  what  if  Yuri  was  overpaid,  he  will 
remember  that  I  am  generous  when  he  finds  the  next  great  exploit). 

Now  my  little  friend  is  busy.  He  is  sending  me  everything  from  Mr. 
Gibbs  ’  hard  drive.  I  could  clean  out  Gibbs '  bank  account  but  what  fun 
would  that  be?  His  bank  would  simply  cover  the  loss.  No,  much  better 
to  just  hold  Gibbs’ computer  hostage.  He  is  now  seeing  a  pop-up  that 
says  the  following:  ‘My  dear  Mr.  Gibbs,  I  could  clean  out  your  bank 
account.  I  could  send  porn  to  all  your  friends  so  it  looks  like  you  sent  it. 

I  could  do  anything  I  want.  But  this  is  your  lucky  day.  You  will  have 
noticed  by  now  that  you  cannot  access  your  files.  All  I  want  you  to  do  is 
pay  me  $10  a  month  and  I  will  let  you  have  access.  Just  send  me  a 
message  at  vladimiryourbase@gmail.com  confirming  you  will  pay  with¬ 
in  24  hours,  and  your  files  will  be  made  available.  If  you  fail  to  confirm, 
if  you  run  any  kind  of  malware  removal  tool,  if  you  attempt  to  make 
any  system  changes  your  hard  disk  will  be  wiped  clean.’ 

Why  do  I  do  this?  Because  I  can.  I  have  lots  of  money  and  keeping  an 
army  of  zombies  that  each  drip  a  little  money  my  way  is  better  than 
making  —  how  do  you  say  it?  —  too  many  wave.  I  have  more  than 
5,000  people  doing  this,  so  it  is  good  business.  Da? 

Maybe  I  will  be  on  your  PC  next.  Will  you  ever  get  rid  of  me?  As  we  say, 
‘Kogda  rak  na  gore  svfstnet ’ —  when  the  lobster  will  whistle  on  the 
mountain .’  Or  as  you  say,  'when  pigs  fly.’ Have  a  nice  day,  or  as  we  say,  Do 
svidaniya!  ('Till  the  next  meeting.) 

Vlad  isn’t  in  Ventura,  Calif. You  can  send  him  your  thoughts  at 
vladimiryourbase@gmail.com.  Gibbs  is  still  at  backspin@gibbs.com. 


Mark  Gibbs 


nt  wins  free-speech  spat 


College 

News  arrived  last  week  via  the  Electronic 
Frontier  Foundation  that  Michigan  State 
University  had  dropped  disciplinary 
action  against  a  student  who  had  been 
accused  of  spamming  and  network  abuse 
because  she  sent  email  about  a  controversial 
campus  matter  to  391  faculty  members. 

That  justice  prevailed  seems  obvious  from 
afar,  but  it  had  me  wondering  if  the  situation 
would  have  been  far  stickier  in  a  slightly  differ¬ 
ent  setting.  I’ll  get  to  that  in  a  moment. 

The  university  initially  argued  that  the  student,  Kara  Spencer,  had 
violated  acceptable-use  policy  by  failing  to  gain  prior  permission  for 
her  e-mail,  which  reached  about  8%  of  the  MSU  faculty  (any  amount 
above  30  messages  triggered  the  provision).  EFF  called  that  restriction 
unconstitutional  and  was  preparing  to  file  legal  action. 

EFF  states:“We  re  pleased  that  MSU  has  reversed  course  and  will  not 
only  drop  the  charge  against  Ms.  Spencer,  but  will  reconsider  its 
flawed  policies,”  said  EFF  Legal  Director  Cindy  Cohn. “When  a  school’s 
anti-spam  policy  requires  students  to  get  approval  before  they  discuss 
school  policy  with  school  officials,  it  has  plainly  left  the  realm  of  pro¬ 
tecting  against  spam  and  has  violated  the  Constitution.” 

Score  one  for  the  First  Amendment.  However,  the  thought  did  occur 
to  me:  Would  the  issue  be  viewed  any  differently  —  by  the  law  or  civil 
libertarians  —  had  this  been  a  private  university  instead  of  a  state 
(read:  government-run)  one? 

1  asked  Cohn  via  e-mail.  Her  reply:“It  would  have  been  a  more  com¬ 
plicated  analysis  but  1  don’t  know  that  it  would  necessarily  have 
meant  that  the  policy  was  OK  either” 

1  agree  that  the  distinction  would  not  make  the  policy  OK  —  as  in 
reasonable,  prudent  or  fair  —  but  1  do  believe  the  legal  case  would  be 


significantly  more  difficult,  if  not  altogether  untenable. 

Surely  there  is  little  doubt  that  a  private  employer  can  place  restric¬ 
tions  on  the  use  of  e-mail  that  would  have  made  Spencer’s  391-piece 
delivery  a  violation  of  company  policy  subject  to  disciplinary  action. 

Now  make  the  jump  from  private  employer  to  private  university:  Is  it 
really  that  much  of  a  leap? 

How  many  phones  do  you  have? 

Slashdot  last  week  was  asking  in  one  of  its  polls:“How  many  phones 
do  you  have?  Count  wired  phone  extensions,  cell  phones,  smartphones, 
and  installed  VoIP  apps  on  all  computers  that  you  use  regularly’ 

Unscientific,  to  be  sure,  but  at  last  look  more  than  26,000 
Slashdotters  had  answered.  I  was  surprised  to  find  that  my  total  of  five 
phones  was  above  the  poll’s  most  popular  answer  of  two  to  four 
(51%).  I  had  figured  that  the  Slashdot  crowd  would  be  good  for  a 
boatload  of  phones,  but  now  I’m  thinking  this  probably  reflects  the 
number  of  people  rejecting  land  lines  altogether 

A  colleague  saw  my  Buzzblog  post  about  the  poll  and  offered  this 
personal  anecdote:  “I  slinked  into  and  out  of  Target  last  week  with  a 
new  landline  phone.  I  failed  in  my  bid  to  have  our  household  go  cell¬ 
phone  only’ 

Left  unspoken  was  that  he  wasn’t  the  decider. 

Nevertheless,  I  encounter  more  people  all  the  time  who  have  cut  the 
cord,  including  my  brother  and  his  wife.Twenty-seven  percent  in  the 
Slashdot  poll  reported  owning  only  a  single  phone,  presumably  the 
vast  majority  being  of  the  mobile  variety 

As  for  the  1%  or  so  who  reported  having  15  or  more  phones,  only 
one  word  comes  to  mind:  fetish. 

I've  always  had  something  of  a  fetish  about  answering  my  e-mail,  so 
don 't  be  afraid  to  give  me  a  try.  The  address  is  buzz@nww.com. 
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and  solutions  provides  every  element  of  an  integrated  IT  infrastructure. 
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scalability,  adaptability  and  evolution  without  forklift  upgrades,  while 
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